# # spec file for the CASA_auth_token server-java packages. # # Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine # package are under the same license as the package itself. # # Please submit bugfixes or comments via http://bugs.opensuse.org # # norootforbuild # For debug build, please replace Release to Debug and set debug_opt to --enable-debug %define cfg Release %define debug_opt "" Name: @PACKAGE@ URL: http://www.novell.com/products BuildRequires: gcc-c++ glib2-devel identity-abstraction insserv libstdc++ libstdc++-devel mono-devel pkgconfig servletapi5 sysvinit xerces-j2 xml-commons-apis BuildRequires: java-sdk-1.5.0 update-alternatives log4j jakarta-commons-logging pwdutils %define prefix /usr License: LGPL Group: Applications/System Autoreqprov: on %define bldno @VERSION@ Version: @VERSION@ Release: 0 Summary: Novell CASA Authentication Token Service Source: %{name}-%{version}.tar.bz2 BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: jre >= 1.5.0 Requires: servletapi5 tomcat5 sysvinit insserv identity-abstraction sed log4j xerces-j2 PreReq: %fillup_prereq %insserv_prereq PreReq: /usr/bin/awk, /usr/bin/test, /bin/grep, /bin/cat, /usr/bin/install, /bin/pwd PreReq: /usr/sbin/groupadd, /usr/sbin/useradd, /usr/sbin/userdel, /usr/bin/getent BuildArchitectures: noarch %description CASA_auth_token is an authentication token infrastructure with support for multiple authentication mechanisms with an emphasis on providing a scalable single sign-on solution. A key feature of CASA_auth_token is that its authentication tokens contain identity information about the entity being authenticated. This information is made available to the consuming services. The amount of information contained in the tokens is configured on a per-service basis. Because of this feature, we say that CASA_auth_token projects an "Authenticated Identity". The CASA_auth_token_svc is the infrastructure component responsible for authenticating entities using the native authentication mechanism and for issuing tokens that can later be used by applications to authenticate the entity or services that are CASA authentication enabled. %package -n CASA_auth_token_jaas_support Summary: Novell CASA Authentication Token JAAS Support Components Group: Applications/System Requires: jre >= 1.5.0 Requires: log4j jakarta-commons-logging xerces-j2 %description -n CASA_auth_token_jaas_support CASA_auth_token is an authentication token infrastructure with support for multiple authentication mechanisms with an emphasis on providing a scalable single sign-on solution. A key feature of CASA_auth_token is that its authentication tokens contain identity information about the entity being authenticated. This information is made available to the consuming services. The amount of information contained in the tokens is configured on a per-service basis. Because of this feature, we say that CASA_auth_token projects an "Authenticated Identity". The CASA_auth_token_jaas_support package contains the CASA (Common Authentication Services Adapter) authentication token infrastructure JAAS module and supporting libraries for token verification. %prep %setup -q #%patch %if %{_lib} == "lib64" %define binsource bin64 %else %define binsource bin %endif %build export PATH=.:$PATH:/usr/%_lib/qt3/bin %if %suse_version > 1000 export CFLAGS="$CFLAGS $RPM_OPT_FLAGS -fstack-protector" %endif ./autogen.sh make %install export NO_BRP_CHECK_BYTECODE_VERSION="true" ## Prime the file system ## install -d %{buildroot}%{prefix} install -d %{buildroot}%{prefix}/share install -d %{buildroot}%{prefix}/share/java install -d %{buildroot}%{prefix}/share/java/CASA install -d %{buildroot}%{prefix}/share/java/CASA/authtoken install -d %{buildroot}%{prefix}/share/java/CASA/authtoken/bin install -d %{buildroot}/srv install -d %{buildroot}/srv/www install -d %{buildroot}/srv/www/casaats install -d -m 700 %{buildroot}/srv/www/casaats install -d -m 700 %{buildroot}/srv/www/casaats/conf install -d -m 700 %{buildroot}/srv/www/casaats/conf/Catalina install -d -m 700 %{buildroot}/srv/www/casaats/conf/Catalina/localhost install -d -m 700 %{buildroot}/srv/www/casaats/shared install -d -m 700 %{buildroot}/srv/www/casaats/shared/classes install -d -m 700 %{buildroot}/srv/www/casaats/shared/libs install -d -m 700 %{buildroot}/srv/www/casaats/webapps install -d -m 700 %{buildroot}/srv/www/casaats/logs install -d -m 700 %{buildroot}/srv/www/casaats/work install -d -m 700 %{buildroot}/srv/www/casaats/temp install -d %{buildroot}%{prefix}/share/java/CASA/authtoken/external install -d %{buildroot}%{prefix}/share/java/CASA/authtoken/external/apache.org install -d %{buildroot}/etc install -d %{buildroot}/etc/init.d install -d -m 755 %{buildroot}/var/lib/CASA install -d -m 755 %{buildroot}/var/lib/CASA/authtoken install -d -m 700 %{buildroot}/var/lib/CASA/authtoken/svc install -d -m 755 %{buildroot}/etc/CASA install -d -m 755 %{buildroot}/etc/CASA/authtoken install -d -m 755 %{buildroot}/etc/CASA/authtoken install -d -m 770 %{buildroot}/etc/CASA/authtoken/svc install -d -m 770 %{buildroot}/etc/CASA/authtoken/svc/auth_mechanisms install -d -m 770 %{buildroot}/etc/CASA/authtoken/svc/auth_mechanisms/Krb5Authenticate install -d -m 770 %{buildroot}/etc/CASA/authtoken/svc/auth_mechanisms/PwdAuthenticate install -d -m 770 %{buildroot}/etc/CASA/authtoken/svc/enabled_services install -d -m 770 %{buildroot}/etc/CASA/authtoken/svc/enabled_services/localhost install -d -m 755 %{buildroot}/etc/CASA/authtoken/svc/templates install -d -m 755 %{buildroot}/etc/CASA/authtoken/keys install -d -m 700 %{buildroot}/etc/CASA/authtoken/keys/server install -d -m 755 %{buildroot}/etc/CASA/authtoken/keys/client ## CASA_auth_token_svc ## # Libs install -m 755 %{_lib}/java/CasaAuthTokenSvc.war %{buildroot}%{prefix}/share/java/CASA/authtoken/CasaAuthTokenSvc-%{bldno}.war install -m 700 %{_lib}/java/CasaAuthTokenSvc.war %{buildroot}/srv/www/casaats/webapps/CasaAuthTokenSvc.war install -m 755 %{_lib}/java/CasaAuthTokenSettingsEditor.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor-%{bldno}.jar install -m 755 %{_lib}/java/CasaIdenTokenSettingsEditor.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor-%{bldno}.jar install -m 755 %{_lib}/java/CasaSvcSettingsEditor.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor-%{bldno}.jar install -m 755 %{_lib}/java/CasaAuthPolicyEditor.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor-%{bldno}.jar # Symbolic Links ln -sf CasaAuthTokenSvc-%{bldno}.war %{buildroot}%{prefix}/share/java/CASA/authtoken/CasaAuthTokenSvc.war ln -sf CasaAuthTokenSettingsEditor-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor.jar ln -sf CasaIdenTokenSettingsEditor-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor.jar ln -sf CasaSvcSettingsEditor-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.jar ln -sf CasaAuthPolicyEditor-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.jar # Settings and configuration files install -m 600 Svc/templates/svc.settings %{buildroot}/etc/CASA/authtoken/svc/templates/svc.settings install -m 600 Svc/templates/auth.policy %{buildroot}/etc/CASA/authtoken/svc/templates/auth.policy install -m 600 Svc/templates/iaRealms.xml %{buildroot}/etc/CASA/authtoken/svc/templates/iaRealms.xml install -m 600 Svc/templates/jaas.conf %{buildroot}/etc/CASA/authtoken/svc/templates/jaas.conf install -m 600 Svc/templates/authtoken.settings %{buildroot}/etc/CASA/authtoken/svc/authtoken.settings install -m 600 Svc/templates/identoken.settings %{buildroot}/etc/CASA/authtoken/svc/identoken.settings install -m 600 Svc/src/com/novell/casa/authtoksvc/Krb5_mechanism.settings %{buildroot}/etc/CASA/authtoken/svc/auth_mechanisms/Krb5Authenticate/mechanism.settings install -m 600 Svc/src/com/novell/casa/authtoksvc/Pwd_mechanism.settings %{buildroot}/etc/CASA/authtoken/svc/auth_mechanisms/PwdAuthenticate/mechanism.settings install -m 700 Svc/linux/envvars %{buildroot}/etc/CASA/authtoken/svc/envvars install -m 700 Svc/linux/log4j.properties %{buildroot}/etc/CASA/authtoken/svc/log4j.properties # Others install -m 700 Svc/linux/server_keystore_setup.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/server_keystore_setup.sh install -m 700 Svc/linux/CasaBasicATSSetup.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaBasicATSSetup.sh install -m 700 Svc/linux/CasaAuthPolicyEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.sh install -m 700 Svc/linux/CasaAuthTokenSettingsEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor.sh install -m 700 Svc/linux/CasaIdenTokenSettingsEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor.sh install -m 700 Svc/linux/CasaSvcSettingsEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.sh install -m 755 Svc/linux/CasaAuthtokenSvcD %{buildroot}/etc/init.d/casa_atsd # Tomcat Base files install -m 600 Svc/tomcat5/conf/catalina.policy %{buildroot}/srv/www/casaats/conf/catalina.policy install -m 600 Svc/tomcat5/conf/catalina.properties %{buildroot}/srv/www/casaats/conf/catalina.properties install -m 600 Svc/tomcat5/conf/jk2.properties %{buildroot}/srv/www/casaats/conf/jk2.properties install -m 600 Svc/tomcat5/conf/linux/server-ibm.xml %{buildroot}/srv/www/casaats/conf/server-ibm.xml install -m 600 Svc/tomcat5/conf/linux/server-sun.xml %{buildroot}/srv/www/casaats/conf/server-sun.xml install -m 600 Svc/tomcat5/conf/tomcat-users.xml %{buildroot}/srv/www/casaats/conf/tomcat-users.xml install -m 600 Svc/tomcat5/conf/web.xml %{buildroot}/srv/www/casaats/conf/web.xml ## CASA_auth_token_jaas_support ## # Libs install -m 755 %{_lib}/java/CasaJaasSupport.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/CasaJaasSupport-%{bldno}.jar install -m 755 %{_lib}/java/CasaAuthToken.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/CasaAuthToken-%{bldno}.jar install -m 755 Svc/external/xmlsec/xml-security-1_4_0/libs/xmlsec-1.4.0.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/external/apache.org/xmlsec-1.4.0.jar install -m 644 Svc/external/xmlsec/xml-security-1_4_0/LICENSE %{buildroot}%{prefix}/share/java/CASA/authtoken/external/apache.org/LICENSE install -m 644 Jaas/linux/casa_crypto.properties %{buildroot}/etc/CASA/authtoken/keys/client/casa_crypto.properties # Symbolic Links ln -sf CasaJaasSupport-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/CasaJaasSupport.jar ln -sf CasaAuthToken-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/CasaAuthToken.jar # Others install -m 700 Jaas/linux/client_keystore_setup.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/client_keystore_setup.sh %clean rm -rf $RPM_BUILD_ROOT ## CASA_auth_token_svc ## %pre # Do necessary user and group administration group_present=`getent group | grep ^casaauth` if [ -z "$group_present" ] ; then /usr/sbin/groupadd -r casaauth fi user_present=`getent passwd | grep ^casaatsd` if [ -z "$user_present" ] ; then /usr/sbin/useradd -c "casaatsd System User" -s /bin/false -r -d /var/lib/CASA/authtoken/validate -g casaauth casaatsd 2> /dev/null || : fi %post # Install casa_atsd init script, set it to not start by default. %{fillup_and_insserv casa_atsd} # Setup the keystore for the service %{prefix}/share/java/CASA/authtoken/bin/server_keystore_setup.sh %preun %stop_on_removal casa_atsd %postun # Always undeploy our webapp to force re-deployment on upgrade cases echo "Cleaning up webapp folders" rm -drf /srv/www/casaats/webapps/CasaAuthTokenSvc rm -drf /srv/www/casaats/work/Catalina rm -f /srv/www/casaats/conf/server.xml %restart_on_update casa_atsd %insserv_cleanup %files %defattr(-,root,root) %dir %{prefix}/share/java/CASA %dir %{prefix}/share/java/CASA/authtoken %dir %{prefix}/share/java/CASA/authtoken/bin %dir /var/lib/CASA %dir /var/lib/CASA/authtoken %dir %attr(-, casaatsd, casaauth) /var/lib/CASA/authtoken/svc %dir /etc/CASA %dir /etc/CASA/authtoken %dir /etc/CASA/authtoken/keys %{prefix}/share/java/CASA/authtoken/CasaAuthTokenSvc-%{bldno}.war %{prefix}/share/java/CASA/authtoken/CasaAuthTokenSvc.war %{prefix}/share/java/CASA/authtoken/bin/server_keystore_setup.sh %{prefix}/share/java/CASA/authtoken/bin/CasaBasicATSSetup.sh %{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.sh %{prefix}/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor.sh %{prefix}/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor.sh %{prefix}/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.sh %{prefix}/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor-%{bldno}.jar %{prefix}/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor.jar %{prefix}/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor-%{bldno}.jar %{prefix}/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor.jar %{prefix}/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor-%{bldno}.jar %{prefix}/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.jar %{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor-%{bldno}.jar %{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.jar /etc/init.d/casa_atsd %defattr(-,casaatsd,casaauth) %dir /srv/www/casaats %dir /srv/www/casaats/conf %dir /srv/www/casaats/conf/Catalina %dir /srv/www/casaats/conf/Catalina/localhost %dir /srv/www/casaats/shared %dir /srv/www/casaats/shared/classes %dir /srv/www/casaats/shared/libs %dir /srv/www/casaats/webapps %dir /srv/www/casaats/logs %dir /srv/www/casaats/work %dir /srv/www/casaats/temp %dir /etc/CASA/authtoken/svc %dir /etc/CASA/authtoken/svc/auth_mechanisms %dir /etc/CASA/authtoken/svc/auth_mechanisms/Krb5Authenticate %dir /etc/CASA/authtoken/svc/auth_mechanisms/PwdAuthenticate %dir /etc/CASA/authtoken/svc/enabled_services %dir /etc/CASA/authtoken/svc/enabled_services/localhost %dir /etc/CASA/authtoken/svc/templates %dir /etc/CASA/authtoken/keys/server /srv/www/casaats/webapps/CasaAuthTokenSvc.war %config /srv/www/casaats/conf/catalina.policy %config /srv/www/casaats/conf/catalina.properties %config /srv/www/casaats/conf/jk2.properties %config /srv/www/casaats/conf/server-ibm.xml %config /srv/www/casaats/conf/server-sun.xml %config /srv/www/casaats/conf/tomcat-users.xml %config /srv/www/casaats/conf/web.xml %config /etc/CASA/authtoken/svc/envvars %config /etc/CASA/authtoken/svc/log4j.properties /etc/CASA/authtoken/svc/templates/svc.settings /etc/CASA/authtoken/svc/templates/auth.policy /etc/CASA/authtoken/svc/templates/iaRealms.xml /etc/CASA/authtoken/svc/templates/jaas.conf %config /etc/CASA/authtoken/svc/authtoken.settings %config /etc/CASA/authtoken/svc/identoken.settings %config /etc/CASA/authtoken/svc/auth_mechanisms/Krb5Authenticate/mechanism.settings %config /etc/CASA/authtoken/svc/auth_mechanisms/PwdAuthenticate/mechanism.settings ## CASA_auth_token_jaas_support ## %pre -n CASA_auth_token_jaas_support # Nothing to do in this pre script %post -n CASA_auth_token_jaas_support /sbin/ldconfig # Setup the keystore for the clients %{prefix}/share/java/CASA/authtoken/bin/client_keystore_setup.sh %preun -n CASA_auth_token_jaas_support # Nothing to do in this preun script %postun -n CASA_auth_token_jaas_support # Nothing to do in this preun script %files -n CASA_auth_token_jaas_support %defattr(-,root,root) %dir %{prefix}/share/java/CASA %dir %{prefix}/share/java/CASA/authtoken %dir %{prefix}/share/java/CASA/authtoken/bin %dir %{prefix}/share/java/CASA/authtoken/external %dir %{prefix}/share/java/CASA/authtoken/external/apache.org %dir /etc/CASA %dir /etc/CASA/authtoken %dir /etc/CASA/authtoken/keys %dir /etc/CASA/authtoken/keys/client %{prefix}/share/java/CASA/authtoken/CasaJaasSupport-%{bldno}.jar %{prefix}/share/java/CASA/authtoken/CasaJaasSupport.jar %{prefix}/share/java/CASA/authtoken/CasaAuthToken-%{bldno}.jar %{prefix}/share/java/CASA/authtoken/CasaAuthToken.jar %{prefix}/share/java/CASA/authtoken/bin/client_keystore_setup.sh %{prefix}/share/java/CASA/authtoken/external/apache.org/xmlsec-1.4.0.jar %{prefix}/share/java/CASA/authtoken/external/apache.org/LICENSE %config /etc/CASA/authtoken/keys/client/casa_crypto.properties %changelog -n CASA_auth_token_svc