346 lines
16 KiB
RPMSpec
346 lines
16 KiB
RPMSpec
#
|
|
# spec file for the CASA_auth_token server-java packages.
|
|
#
|
|
# Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
|
# This file and all modifications and additions to the pristine
|
|
# package are under the same license as the package itself.
|
|
#
|
|
# Please submit bugfixes or comments via http://bugs.opensuse.org
|
|
#
|
|
|
|
# norootforbuild
|
|
|
|
# For debug build, please replace Release to Debug and set debug_opt to --enable-debug
|
|
%define cfg Release
|
|
%define debug_opt ""
|
|
|
|
|
|
Name: @PACKAGE@
|
|
URL: http://www.novell.com/products
|
|
BuildRequires: gcc-c++ glib2-devel identity-abstraction insserv libstdc++ libstdc++-devel mono-devel pkgconfig servletapi5 sysvinit xerces-j2 xml-commons-apis
|
|
BuildRequires: java-sdk-1.5.0 update-alternatives log4j xalan-j2 jakarta-commons-logging
|
|
%define prefix /usr
|
|
License: LGPL
|
|
Group: Applications/System
|
|
Autoreqprov: on
|
|
%define bldno @VERSION@
|
|
Version: @VERSION@
|
|
Release: 0
|
|
Summary: Novell CASA Authentication Token Service
|
|
Source: %{name}-%{version}.tar.bz2
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
|
Requires: jre >= 1.5.0
|
|
Requires: servletapi5 tomcat5 sysvinit insserv identity-abstraction sed log4j xalan-j2 jakarta-commons-logging
|
|
PreReq: %fillup_prereq %insserv_prereq
|
|
PreReq: /usr/bin/awk, /usr/bin/test, /bin/grep, /bin/cat, /usr/bin/install, /bin/pwd
|
|
PreReq: /usr/sbin/groupadd, /usr/sbin/useradd, /usr/sbin/userdel, /usr/bin/getent
|
|
BuildArchitectures: noarch
|
|
|
|
%description
|
|
CASA_auth_token is an authentication token infrastructure with support for
|
|
multiple authentication mechanisms with an emphasis on providing a scalable
|
|
single sign-on solution.
|
|
|
|
A key feature of CASA_auth_token is that its authentication tokens contain
|
|
identity information about the entity being authenticated. This information is
|
|
made available to the consuming services. The amount of information contained in
|
|
the tokens is configured on a per-service basis. Because of this feature, we say
|
|
that CASA_auth_token projects an "Authenticated Identity".
|
|
|
|
The CASA_auth_token_svc is the infrastructure component responsible for
|
|
authenticating entities using the native authentication mechanism and for issuing
|
|
tokens that can later be used by applications to authenticate the entity or
|
|
services that are CASA authentication enabled.
|
|
|
|
%package -n CASA_auth_token_jaas_support
|
|
Summary: Novell CASA Authentication Token JAAS Support Components
|
|
Group: Applications/System
|
|
Requires: jre >= 1.5.0
|
|
Requires: log4j xalan-j2 jakarta-commons-logging
|
|
|
|
%description -n CASA_auth_token_jaas_support
|
|
CASA_auth_token is an authentication token infrastructure with support for
|
|
multiple authentication mechanisms with an emphasis on providing a scalable
|
|
single sign-on solution.
|
|
|
|
A key feature of CASA_auth_token is that its authentication tokens contain
|
|
identity information about the entity being authenticated. This information is
|
|
made available to the consuming services. The amount of information contained in
|
|
the tokens is configured on a per-service basis. Because of this feature, we say
|
|
that CASA_auth_token projects an "Authenticated Identity".
|
|
|
|
The CASA_auth_token_jaas_support package contains the CASA (Common Authentication
|
|
Services Adapter) authentication token infrastructure JAAS module and supporting
|
|
libraries for token verification.
|
|
|
|
%prep
|
|
%setup -q
|
|
#%patch
|
|
%if %{_lib} == "lib64"
|
|
%define binsource bin64
|
|
%else
|
|
%define binsource bin
|
|
%endif
|
|
|
|
%build
|
|
export PATH=.:$PATH:/usr/%_lib/qt3/bin
|
|
%if %suse_version > 1000
|
|
export CFLAGS="$CFLAGS $RPM_OPT_FLAGS -fstack-protector"
|
|
%endif
|
|
|
|
./autogen.sh
|
|
make
|
|
|
|
|
|
%install
|
|
|
|
export NO_BRP_CHECK_BYTECODE_VERSION="true"
|
|
|
|
## Prime the file system ##
|
|
install -d %{buildroot}%{prefix}
|
|
install -d %{buildroot}%{prefix}/share
|
|
install -d %{buildroot}%{prefix}/share/java
|
|
install -d %{buildroot}%{prefix}/share/java/CASA
|
|
install -d %{buildroot}%{prefix}/share/java/CASA/authtoken
|
|
install -d %{buildroot}%{prefix}/share/java/CASA/authtoken/bin
|
|
install -d %{buildroot}/srv
|
|
install -d %{buildroot}/srv/www
|
|
install -d %{buildroot}/srv/www/casaats
|
|
install -d -m 700 %{buildroot}/srv/www/casaats
|
|
install -d -m 700 %{buildroot}/srv/www/casaats/conf
|
|
install -d -m 700 %{buildroot}/srv/www/casaats/conf/Catalina
|
|
install -d -m 700 %{buildroot}/srv/www/casaats/conf/Catalina/localhost
|
|
install -d -m 700 %{buildroot}/srv/www/casaats/shared
|
|
install -d -m 700 %{buildroot}/srv/www/casaats/shared/classes
|
|
install -d -m 700 %{buildroot}/srv/www/casaats/shared/libs
|
|
install -d -m 700 %{buildroot}/srv/www/casaats/webapps
|
|
install -d -m 700 %{buildroot}/srv/www/casaats/logs
|
|
install -d -m 700 %{buildroot}/srv/www/casaats/work
|
|
install -d -m 700 %{buildroot}/srv/www/casaats/temp
|
|
install -d %{buildroot}%{prefix}/share/java/CASA/authtoken/external
|
|
install -d %{buildroot}/etc
|
|
install -d %{buildroot}/etc/init.d
|
|
install -d -m 755 %{buildroot}/var/lib/CASA
|
|
install -d -m 755 %{buildroot}/var/lib/CASA/authtoken
|
|
install -d -m 700 %{buildroot}/var/lib/CASA/authtoken/svc
|
|
install -d -m 755 %{buildroot}/etc/CASA
|
|
install -d -m 755 %{buildroot}/etc/CASA/authtoken
|
|
install -d -m 755 %{buildroot}/etc/CASA/authtoken
|
|
install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc
|
|
install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc/auth_mechanisms
|
|
install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc/auth_mechanisms/Krb5Authenticate
|
|
install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc/auth_mechanisms/PwdAuthenticate
|
|
install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc/enabled_services
|
|
install -d -m 700 %{buildroot}/etc/CASA/authtoken/svc/enabled_services/localhost
|
|
install -d -m 755 %{buildroot}/etc/CASA/authtoken/svc/templates
|
|
install -d -m 755 %{buildroot}/etc/CASA/authtoken/keys
|
|
install -d -m 700 %{buildroot}/etc/CASA/authtoken/keys/server
|
|
install -d -m 755 %{buildroot}/etc/CASA/authtoken/keys/client
|
|
|
|
## CASA_auth_token_svc ##
|
|
# Libs
|
|
install -m 755 %{_lib}/java/CasaAuthTokenSvc.war %{buildroot}%{prefix}/share/java/CASA/authtoken/CasaAuthTokenSvc-%{bldno}.war
|
|
install -m 700 %{_lib}/java/CasaAuthTokenSvc.war %{buildroot}/srv/www/casaats/webapps/CasaAuthTokenSvc.war
|
|
install -m 755 %{_lib}/java/CasaAuthTokenSettingsEditor.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor-%{bldno}.jar
|
|
install -m 755 %{_lib}/java/CasaIdenTokenSettingsEditor.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor-%{bldno}.jar
|
|
install -m 755 %{_lib}/java/CasaSvcSettingsEditor.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor-%{bldno}.jar
|
|
install -m 755 %{_lib}/java/CasaAuthPolicyEditor.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor-%{bldno}.jar
|
|
|
|
# Symbolic Links
|
|
ln -sf CasaAuthTokenSvc-%{bldno}.war %{buildroot}%{prefix}/share/java/CASA/authtoken/CasaAuthTokenSvc.war
|
|
ln -sf CasaAuthTokenSettingsEditor-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor.jar
|
|
ln -sf CasaIdenTokenSettingsEditor-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor.jar
|
|
ln -sf CasaSvcSettingsEditor-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.jar
|
|
ln -sf CasaAuthPolicyEditor-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.jar
|
|
|
|
# Settings and configuration files
|
|
install -m 600 Svc/templates/svc.settings %{buildroot}/etc/CASA/authtoken/svc/templates/svc.settings
|
|
install -m 600 Svc/templates/auth.policy %{buildroot}/etc/CASA/authtoken/svc/templates/auth.policy
|
|
install -m 600 Svc/templates/iaRealms.xml %{buildroot}/etc/CASA/authtoken/svc/templates/iaRealms.xml
|
|
install -m 600 Svc/templates/jaas.conf %{buildroot}/etc/CASA/authtoken/svc/templates/jaas.conf
|
|
install -m 600 Svc/templates/authtoken.settings %{buildroot}/etc/CASA/authtoken/svc/authtoken.settings
|
|
install -m 600 Svc/templates/identoken.settings %{buildroot}/etc/CASA/authtoken/svc/identoken.settings
|
|
install -m 600 Svc/src/com/novell/casa/authtoksvc/Krb5_mechanism.settings %{buildroot}/etc/CASA/authtoken/svc/auth_mechanisms/Krb5Authenticate/mechanism.settings
|
|
install -m 600 Svc/src/com/novell/casa/authtoksvc/Pwd_mechanism.settings %{buildroot}/etc/CASA/authtoken/svc/auth_mechanisms/PwdAuthenticate/mechanism.settings
|
|
install -m 700 Svc/linux/envvars %{buildroot}/etc/CASA/authtoken/svc/envvars
|
|
install -m 700 Svc/linux/log4j.properties %{buildroot}/etc/CASA/authtoken/svc/log4j.properties
|
|
|
|
# Others
|
|
install -m 700 Svc/linux/server_keystore_setup.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/server_keystore_setup.sh
|
|
install -m 700 Svc/linux/CasaBasicATSSetup.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaBasicATSSetup.sh
|
|
install -m 700 Svc/linux/CasaAuthPolicyEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.sh
|
|
install -m 700 Svc/linux/CasaAuthTokenSettingsEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor.sh
|
|
install -m 700 Svc/linux/CasaIdenTokenSettingsEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor.sh
|
|
install -m 700 Svc/linux/CasaSvcSettingsEditor.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.sh
|
|
install -m 755 Svc/linux/CasaAuthtokenSvcD %{buildroot}/etc/init.d/casa_atsd
|
|
|
|
# Tomcat Base files
|
|
install -m 600 Svc/tomcat5/conf/catalina.policy %{buildroot}/srv/www/casaats/conf/catalina.policy
|
|
install -m 600 Svc/tomcat5/conf/catalina.properties %{buildroot}/srv/www/casaats/conf/catalina.properties
|
|
install -m 600 Svc/tomcat5/conf/jk2.properties %{buildroot}/srv/www/casaats/conf/jk2.properties
|
|
install -m 600 Svc/tomcat5/conf/linux/server-ibm.xml %{buildroot}/srv/www/casaats/conf/server-ibm.xml
|
|
install -m 600 Svc/tomcat5/conf/linux/server-sun.xml %{buildroot}/srv/www/casaats/conf/server-sun.xml
|
|
install -m 600 Svc/tomcat5/conf/tomcat-users.xml %{buildroot}/srv/www/casaats/conf/tomcat-users.xml
|
|
install -m 600 Svc/tomcat5/conf/web.xml %{buildroot}/srv/www/casaats/conf/web.xml
|
|
|
|
## CASA_auth_token_jaas_support ##
|
|
# Libs
|
|
install -m 755 %{_lib}/java/CasaJaasSupport.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/CasaJaasSupport-%{bldno}.jar
|
|
install -m 755 %{_lib}/java/CasaAuthToken.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/CasaAuthToken-%{bldno}.jar
|
|
install -m 755 Svc/external/xmlsec/xml-security-1_4_0/libs/xmlsec-1.4.0.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/external/xmlsec-1.4.0.jar
|
|
install -m 644 Jaas/linux/crypto.properties %{buildroot}/etc/CASA/authtoken/keys/client/crypto.properties
|
|
|
|
# Symbolic Links
|
|
ln -sf CasaJaasSupport-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/CasaJaasSupport.jar
|
|
ln -sf CasaAuthToken-%{bldno}.jar %{buildroot}%{prefix}/share/java/CASA/authtoken/CasaAuthToken.jar
|
|
|
|
# Others
|
|
install -m 700 Jaas/linux/client_keystore_setup.sh %{buildroot}%{prefix}/share/java/CASA/authtoken/bin/client_keystore_setup.sh
|
|
|
|
|
|
%clean
|
|
rm -rf $RPM_BUILD_ROOT
|
|
|
|
|
|
## CASA_auth_token_svc ##
|
|
%pre
|
|
|
|
# Do necessary user and group administration
|
|
group_present=`getent group | grep ^casaauth`
|
|
if [ -z "$group_present" ] ; then
|
|
/usr/sbin/groupadd -r casaauth
|
|
fi
|
|
|
|
user_present=`getent passwd | grep ^casaatsd`
|
|
if [ -z "$user_present" ] ; then
|
|
/usr/sbin/useradd -c "casaatsd System User" -s /bin/false -r -d /var/lib/CASA/authtoken/validate -g casaauth casaatsd 2> /dev/null || :
|
|
fi
|
|
|
|
|
|
%post
|
|
# Install casa_atsd init script, set it to not start by default.
|
|
%{fillup_and_insserv casa_atsd}
|
|
|
|
# Setup the keystore for the service
|
|
%{prefix}/share/java/CASA/authtoken/bin/server_keystore_setup.sh
|
|
|
|
%preun
|
|
%stop_on_removal casa_atsd
|
|
|
|
%postun
|
|
# Always undeploy our webapp to force re-deployment on upgrade cases
|
|
echo "Cleaning up webapp folders"
|
|
rm -drf /srv/www/casaats/webapps/CasaAuthTokenSvc
|
|
rm -drf /srv/www/casaats/work/Catalina
|
|
rm -f /srv/www/casaats/conf/server.xml
|
|
|
|
%restart_on_update casa_atsd
|
|
%insserv_cleanup
|
|
|
|
|
|
%files
|
|
%defattr(-,root,root)
|
|
%dir %{prefix}/share/java/CASA
|
|
%dir %{prefix}/share/java/CASA/authtoken
|
|
%dir %{prefix}/share/java/CASA/authtoken/bin
|
|
%dir /var/lib/CASA
|
|
%dir /var/lib/CASA/authtoken
|
|
%dir %attr(-, casaatsd, casaauth) /var/lib/CASA/authtoken/svc
|
|
%dir /etc/CASA
|
|
%dir /etc/CASA/authtoken
|
|
%dir /etc/CASA/authtoken/keys
|
|
%{prefix}/share/java/CASA/authtoken/CasaAuthTokenSvc-%{bldno}.war
|
|
%{prefix}/share/java/CASA/authtoken/CasaAuthTokenSvc.war
|
|
%{prefix}/share/java/CASA/authtoken/bin/server_keystore_setup.sh
|
|
%{prefix}/share/java/CASA/authtoken/bin/CasaBasicATSSetup.sh
|
|
%{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.sh
|
|
%{prefix}/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor.sh
|
|
%{prefix}/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor.sh
|
|
%{prefix}/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.sh
|
|
%{prefix}/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor-%{bldno}.jar
|
|
%{prefix}/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor.jar
|
|
%{prefix}/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor-%{bldno}.jar
|
|
%{prefix}/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor.jar
|
|
%{prefix}/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor-%{bldno}.jar
|
|
%{prefix}/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.jar
|
|
%{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor-%{bldno}.jar
|
|
%{prefix}/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.jar
|
|
/etc/init.d/casa_atsd
|
|
%defattr(-,casaatsd,casaauth)
|
|
%dir /srv/www/casaats
|
|
%dir /srv/www/casaats/conf
|
|
%dir /srv/www/casaats/conf/Catalina
|
|
%dir /srv/www/casaats/conf/Catalina/localhost
|
|
%dir /srv/www/casaats/shared
|
|
%dir /srv/www/casaats/shared/classes
|
|
%dir /srv/www/casaats/shared/libs
|
|
%dir /srv/www/casaats/webapps
|
|
%dir /srv/www/casaats/logs
|
|
%dir /srv/www/casaats/work
|
|
%dir /srv/www/casaats/temp
|
|
%dir /etc/CASA/authtoken/svc
|
|
%dir /etc/CASA/authtoken/svc/auth_mechanisms
|
|
%dir /etc/CASA/authtoken/svc/auth_mechanisms/Krb5Authenticate
|
|
%dir /etc/CASA/authtoken/svc/auth_mechanisms/PwdAuthenticate
|
|
%dir /etc/CASA/authtoken/svc/enabled_services
|
|
%dir /etc/CASA/authtoken/svc/enabled_services/localhost
|
|
%dir /etc/CASA/authtoken/svc/templates
|
|
%dir /etc/CASA/authtoken/keys/server
|
|
/srv/www/casaats/webapps/CasaAuthTokenSvc.war
|
|
%config /srv/www/casaats/conf/catalina.policy
|
|
%config /srv/www/casaats/conf/catalina.properties
|
|
%config /srv/www/casaats/conf/jk2.properties
|
|
%config /srv/www/casaats/conf/server-ibm.xml
|
|
%config /srv/www/casaats/conf/server-sun.xml
|
|
%config /srv/www/casaats/conf/tomcat-users.xml
|
|
%config /srv/www/casaats/conf/web.xml
|
|
%config /etc/CASA/authtoken/svc/envvars
|
|
%config /etc/CASA/authtoken/svc/log4j.properties
|
|
/etc/CASA/authtoken/svc/templates/svc.settings
|
|
/etc/CASA/authtoken/svc/templates/auth.policy
|
|
/etc/CASA/authtoken/svc/templates/iaRealms.xml
|
|
/etc/CASA/authtoken/svc/templates/jaas.conf
|
|
%config /etc/CASA/authtoken/svc/authtoken.settings
|
|
%config /etc/CASA/authtoken/svc/identoken.settings
|
|
%config /etc/CASA/authtoken/svc/auth_mechanisms/Krb5Authenticate/mechanism.settings
|
|
%config /etc/CASA/authtoken/svc/auth_mechanisms/PwdAuthenticate/mechanism.settings
|
|
|
|
|
|
## CASA_auth_token_jaas_support ##
|
|
%pre -n CASA_auth_token_jaas_support
|
|
# Nothing to do in this pre script
|
|
|
|
%post -n CASA_auth_token_jaas_support
|
|
/sbin/ldconfig
|
|
|
|
# Setup the keystore for the clients
|
|
%{prefix}/share/java/CASA/authtoken/bin/client_keystore_setup.sh
|
|
|
|
%preun -n CASA_auth_token_jaas_support
|
|
# Nothing to do in this preun script
|
|
|
|
%postun -n CASA_auth_token_jaas_support
|
|
# Nothing to do in this preun script
|
|
|
|
|
|
%files -n CASA_auth_token_jaas_support
|
|
%defattr(-,root,root)
|
|
%dir %{prefix}/share/java/CASA
|
|
%dir %{prefix}/share/java/CASA/authtoken
|
|
%dir %{prefix}/share/java/CASA/authtoken/bin
|
|
%dir %{prefix}/share/java/CASA/authtoken/external
|
|
%dir /etc/CASA
|
|
%dir /etc/CASA/authtoken
|
|
%dir /etc/CASA/authtoken/keys
|
|
%dir /etc/CASA/authtoken/keys/client
|
|
%{prefix}/share/java/CASA/authtoken/CasaJaasSupport-%{bldno}.jar
|
|
%{prefix}/share/java/CASA/authtoken/CasaJaasSupport.jar
|
|
%{prefix}/share/java/CASA/authtoken/CasaAuthToken-%{bldno}.jar
|
|
%{prefix}/share/java/CASA/authtoken/CasaAuthToken.jar
|
|
%{prefix}/share/java/CASA/authtoken/bin/client_keystore_setup.sh
|
|
%{prefix}/share/java/CASA/authtoken/external/xmlsec-1.4.0.jar
|
|
%config /etc/CASA/authtoken/keys/client/crypto.properties
|
|
|
|
|
|
%changelog -n CASA_auth_token_svc
|