442 lines
16 KiB
Plaintext
442 lines
16 KiB
Plaintext
-------------------------------------------------------------------
|
|
Mon Jun 2 15:17:57 MDT 2008 - jluciani@novell.com
|
|
|
|
- Modified all the necessary scripts to become JVM version
|
|
independent in order to resolve BUG 394342.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Feb 1 13:24:05 MST 2008 - jluciani@novell.com
|
|
|
|
- Added code to override the default LDAP connect timeout to
|
|
a more reasonable value. This addresses the client timeout
|
|
issue being seen during LDAP server fail-over reported in
|
|
BUG 292598.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jan 28 13:19:43 MST 2008 - jluciani@novell.com
|
|
|
|
- Updated the way the RealmsInfo class reads the iaRealms file to
|
|
allow for extended characters in the file. This addresses BUG
|
|
338574.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 30 02:06:58 CET 2008 - ro@suse.de
|
|
|
|
- fix tomcat requires as well
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Jan 26 11:55:41 CET 2008 - coolo@suse.de
|
|
|
|
- build against tomcat6
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Aug 9 10:19:43 MDT 2007 - jluciani@novell.com
|
|
|
|
- Changed tomcat5 dependency to tomcat55 for SuSE versions
|
|
greater or equal to 1030 to handle changes in the distribution.
|
|
This addresses BUG 297712.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jun 29 09:28:40 MDT 2007 - jluciani@novell.com
|
|
|
|
- Added JRE_HOME setting to the envvars file used by the
|
|
CASA_auth_token_svc rpm targeted for Zenworks. This addresses
|
|
BUG 283074.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jun 27 10:22:33 MDT 2007 - jluciani@novell.com
|
|
|
|
- Updated server.xml file used in CASA_auth_token_svc package
|
|
delivered to Zen to resolve BUG 283074.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jun 25 12:09:20 MDT 2007 - jluciani@novell.com
|
|
|
|
- Removed dependency to jakarta-commons-lang package added when
|
|
BUG 278396 was fixed since we found out that the package is
|
|
not in the SLES media.
|
|
|
|
- Added "ATS Access through Web Server" to resolve BUG 287279.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jun 8 15:03:14 MDT 2007 - jluciani@novell.com
|
|
|
|
- Fixed problem where we were failing to authenticate users
|
|
residing in a container with a "&" in the name. This was
|
|
reported in BUG 278396.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jun 4 11:14:14 MDT 2007 - jluciani@novell.com
|
|
|
|
- Changed to leverage the server key and certificate
|
|
(/etc/ssl/servercerts) if present as part of the solution
|
|
to BUG 242891.
|
|
|
|
- Added a scrip to store the Signing Certificates from trusted
|
|
ATSs in the client store. This certificate is executed by the
|
|
Yast module when completing the configured ATS trust associations.
|
|
This is part of the solution to BUG 242891.
|
|
|
|
- Changed the ATS to use the certificates in the Trusted ATS Keystore
|
|
(the client store) when verifying session tokens. This is part of
|
|
the solution to BUG 242891.
|
|
|
|
- The envvars script for the client now specifies the path that Java
|
|
should be using to load native libraries in order to work-around
|
|
the problem of the 64bit JVM trying to load 32bit libraries. This
|
|
resolves BUG 278825.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu May 24 09:48:00 MDT 2007 - jluciani@novell.com
|
|
|
|
- Fixed problem in TomcatConnectorEditor utility where it was
|
|
referencing the wrong path to the server.xml file. This fixes
|
|
BUG277839.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu May 10 10:55:22 MDT 2007 - jluciani@novell.com
|
|
|
|
- Removed the temporary work around made to the SPEC files
|
|
which was allowing the user casaatsd to have a shell.
|
|
|
|
- Removed the OES workaround from the CasaBasicATSSetup script
|
|
since it is no longer needed.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed May 9 16:38:14 MDT 2007 - jluciani@novell.com
|
|
|
|
- Added the capability to read REALM credentials from miCASA to
|
|
avoid having the credentials in the clear in the iaRealms.xml
|
|
file. This change adds a dependency on CASA and partially
|
|
addresses BUG265414.
|
|
|
|
- Created a utility that allows users to edit the iaRealms.xml
|
|
file. This was necessary to support the CASA ATS Yast Module
|
|
enhancements.
|
|
|
|
- Fixed settings and policy utilities to output error messages
|
|
to stderr instead of stdout to avoid messing up the CASA ATS
|
|
Yast Module.
|
|
|
|
- Fixed the SPEC files to set the appropriate home folder for
|
|
the casaatsd user.
|
|
|
|
- Temporary changed the SPEC files to allow the casaatsd user
|
|
to have a shell. This change will be reverted as soon as
|
|
the CASAcli is updated to allow a root user to pass the
|
|
UID of the user being targeted.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Apr 20 15:40:01 MDT 2007 - jluciani@novell.com
|
|
|
|
- Created utilities for editing the connector entry for the
|
|
server.xml Tomcat configuration file so that it can be
|
|
easily modified so that the Tomcat instance utilized by
|
|
the ATS use a different Keystore and be able to leverage
|
|
Certificate/Keys installed for other products. This is
|
|
the first step in the resolution of BUG242891.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 18 16:43:48 MDT 2007 - jluciani@novell.com
|
|
|
|
- Fixed authentication problems where extended characters are
|
|
part of either the username, password, or the information
|
|
contained in the session or authentication tokens. This
|
|
takes care of BUG263007.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 17 16:35:10 MDT 2007 - jluciani@novell.com
|
|
|
|
- Fixed access rights to the /etc/CASA/authtoken/svc folder and
|
|
its sub-folders to allow members of the casaauth group to
|
|
configure themselves. This resolves BUG265580.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Apr 2 16:45:11 MDT 2007 - jluciani@novell.com
|
|
|
|
- Added pwdutils to BuildRequires to fix build issue.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 21 17:19:16 MDT 2007 - jluciani@novell.com
|
|
|
|
- Fixed BUG256569. The changes allow the ATS to fail-over to another
|
|
LDAP server in the case of a communication failure.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Mar 19 10:41:50 MDT 2007 - jluciani@novell.com
|
|
|
|
- Fixed BUG242969 by removing the log files that get created by
|
|
the Windows install of the ATS.
|
|
|
|
- Fixed BUG251942 by updating the Windows install file responsible
|
|
for setting up the log4j.properties file so that it properly
|
|
escapes the path characters.
|
|
|
|
- Fixed BUG250413 by lowering the priority of the messages being
|
|
logged and by increasing the log level priority to "warn" in
|
|
the log4j.properties file.
|
|
|
|
- Fixed BUG243339 by codding directly to the classes provided by
|
|
xmlsec and taking care of building SOAP messages with the
|
|
necessary WS-Security headers.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Mar 5 11:32:37 MST 2007 - jluciani@novell.com
|
|
|
|
- Fixed logging issues under Windows.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Feb 22 15:44:28 MST 2007 - jluciani@novell.com
|
|
|
|
- Switched logging from Standard Out to using Log4j. Now the
|
|
logging and tracing levels can be adjusted via the
|
|
log4j.properties file. The changes separate logs done for
|
|
tracing Rpc processing from regular logs. These changes
|
|
take care of BUG243343.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 13 16:41:46 MST 2007 - jluciani@novell.com
|
|
|
|
- Made changes to deal with recommendations given by Greg as
|
|
a result of the code review that he performed.
|
|
|
|
- Added check to protect against zero length passwords in the
|
|
Pwd authentication mechanism.
|
|
|
|
- Fixed issue that was not allowing us to associate a PID file
|
|
with the ATS service.
|
|
|
|
- Stopped deleting the user "casaatsd" during RPM un-install to
|
|
avoid problems with orphaned files.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Feb 12 09:09:56 MST 2007 - jluciani@novell.com
|
|
|
|
- Stopped deleting user casaatsd during RPM un-install to avoid
|
|
issues with orphaned files.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 31 12:25:30 MST 2007 - jluciani@novell.com
|
|
|
|
- Fixed typo in iaRealms.xml file template which was keeping
|
|
the ATS from running.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 25 15:18:38 MST 2007 - jluciani@novell.com
|
|
|
|
- The keystore path in the server.xml specific to Zen
|
|
installations was wrong.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 24 10:55:40 MST 2007 - jluciani@novell.com
|
|
|
|
- ATS envvars file now does not rely on the environment
|
|
variable JAVA_HOME since it may not be pointed to the
|
|
JVM that we would want to use.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 23 15:19:10 MST 2007 - jluciani@novell.com
|
|
|
|
- More changes to become more compatible with Zen.
|
|
|
|
- Enhanced places where exceptions are thrown to include
|
|
information about exceptions that may have been caught
|
|
to improve debugging.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jan 22 16:10:36 MST 2007 - jluciani@novell.com
|
|
|
|
- Added the ability to explicitedly configure the type of
|
|
directory back-ending a realm.
|
|
|
|
- Added the ability to configure the search string that should
|
|
be utilized when performing contextless-login as part of
|
|
the Password authentication process.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jan 19 16:30:03 MST 2007 - jluciani@novell.com
|
|
|
|
- Made changes to allow us to build RPMs to be consumed by
|
|
the ZenWorks installer.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 17 16:52:46 MST 2007 - jluciani@novell.com
|
|
|
|
- Fixed BUG225066 (Uninstall doesn't cleanup).
|
|
|
|
- Addressed BUG190821 (CASA-AD - Display name is being used
|
|
instead of the account name).
|
|
|
|
- Added the ability to search an identity source using
|
|
more than one context (search root).
|
|
|
|
- Fixed problem that was keeping us from disabling the
|
|
auto-reconfigure feature by setting the service
|
|
reconfigure interval to 0.
|
|
|
|
- The upgrade path for the ATS was not cleaning up the
|
|
appropriate webapp folder so the new webapp was not
|
|
getting re-deployed.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jan 12 10:23:06 MST 2007 - jluciani@novell.com
|
|
|
|
- Fix issue that was causing authentication to fail when using
|
|
Pwd authentication.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jan 8 15:26:15 MST 2007 - jluciani@novell.com
|
|
|
|
- Applied changes to solve most issues found during my code
|
|
review of the components.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 13 10:18:25 MST 2006 - jluciani@novell.com
|
|
|
|
- Made changes to deal with API changes in the identity package file.
|
|
Without these changes the component does not build successfully.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 6 10:29:15 MST 2006 - jluciani@novell.com
|
|
|
|
- Added option to the command being used to import
|
|
certificate from the CasaBasicATSSetup script so
|
|
that it works correctly in conjunction with our
|
|
Yast module. This addresses BUG225428.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Dec 4 17:21:00 MST 2006 - jluciani@novell.com
|
|
|
|
- Added a workaround to the CasaBasicATSSetup script to import
|
|
eDirs CA Cert into the Java keystore if it is present. This
|
|
workaround will be removed once OES starts performing it.
|
|
This addresses BUG225428.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Dec 4 15:14:12 MST 2006 - jluciani@novell.com
|
|
|
|
- Fixed "Shutting..." init.d output script problem documented
|
|
in BUG225027.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Dec 4 10:26:16 MST 2006 - jluciani@novell.com
|
|
|
|
- Fixed ATS Setup BUG225426.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 28 09:39:05 MST 2006 - jluciani@novell.com
|
|
|
|
- Fixed a dependency on IBM's Java related to bugs: BUG222541,
|
|
BUG216949, and BUG215221.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Nov 22 08:43:26 MST 2006 - jluciani@novell.com
|
|
|
|
- Resolved the following bugs: BUG222541, BUG216949, BUG215221. :-).
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 21 17:53:20 MST 2006 - jluciani@novell.com
|
|
|
|
- Added NOTICES file detailing the licenses and/or the copyrights
|
|
of all third party software used within the project.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 21 10:36:42 MST 2006 - jluciani@novell.com
|
|
|
|
- Fixed spec file issue.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Nov 17 17:08:13 MST 2006 - jluciani@novell.com
|
|
|
|
- Removed hard dependency on IBM's JVM.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 9 11:42:15 MST 2006 - jluciani@novell.com
|
|
|
|
- Completed the ATS configuration story with a tool that
|
|
sets up all of the needed configuration files and
|
|
parameters with support for a single LDAP Realm and
|
|
server.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 7 10:42:24 MST 2006 - jluciani@novell.com
|
|
|
|
- The service is now only accessible via SSL.
|
|
- Created tools for editing settings and policy files.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Oct 20 09:53:55 MDT 2006 - jluciani@novell.com
|
|
|
|
- Modified the CasaAuthTokenSvc war file to no longer include the
|
|
identity-abstraction jars. The CASA_auth_token_svc rpm now requires
|
|
the installation of the identity-abstraction rpm and the service is
|
|
able to load its files from the location where they are installed
|
|
with settings set in the server.xml file of our tomcat base.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 18 17:22:01 MDT 2006 - jluciani@novell.com
|
|
|
|
- Updated the RPM install of the ATS to install it as a service
|
|
and create the necessary signing keys.
|
|
|
|
- Made changes to other components to integrate with the new
|
|
RPM install changes.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Oct 10 08:45:22 MDT 2006 - jluciani@novell.com
|
|
|
|
- Brought up to date the README and TODO files.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Sep 21 15:41:18 MDT 2006 - jluciani@novell.com
|
|
|
|
- Reduced Kerberos configuration requirements. Now the ATS service
|
|
principal name defaults to "host" and there is no need to set the
|
|
"javax.security.auth.useSubjectCredsOnly" system property to "false"
|
|
in the JAVA_OPTS.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 18 11:18:00 MDT 2006 - jluciani@novell.com
|
|
|
|
- Updated the Svc to reduce the configuration requirements on services
|
|
that want to leverage the infrastructure.
|
|
|
|
- Modified the WSSecurity module to not include the X509 certificate
|
|
in tokens if they are targeted to services residing on the same
|
|
box as the ATS. This is being done in order to minimize the size
|
|
of the tokens.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Sep 14 09:57:00 MDT 2006 - jluciani@novell.com
|
|
|
|
- Made changes to support the Authtoken Validate Service. This now
|
|
fixes support of "C" services.
|
|
|
|
- Switched to using IBMs java instead of SUNs. This was done in order to
|
|
gain better Kerberos support (IBMs Kerberos modul supports more
|
|
encryption types) and to get around a problem in SUN's Invocation API
|
|
that was not letting us consume our AuthToken class from a native thread
|
|
other than the thread which creates the JVM.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Aug 18 11:49:22 MDT 2006 - jluciani@novell.com
|
|
|
|
- Implemented securing Authentication and Session Tokens using WS-Security.
|
|
This change temporarily breaks support of "C" services. "C" service support
|
|
will be resumed once the necessary changes are made to the native authentication
|
|
token APIs to support the new Authentication Tokens.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Aug 14 14:25:27 MDT 2006 - jluciani@novell.com
|
|
|
|
- Added some debug statements and added the sample Jaas application into
|
|
the tar file that is submitted to autobuild.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Aug 7 10:28:32 MDT 2006 - schoi@novell.com
|
|
- This file has been created for CASA_auth_token_svc project for the first
|
|
time.
|
|
|
|
-------------------------------------------------------------------
|
|
|