| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: CASA_auth_token_jaas_support | Distribution: openSUSE 10.3 (i586) |
| Version: 1.7.1441 | Vendor: SUSE LINUX Products GmbH, Nuernberg, Germany |
| Release: 35 | Build date: Wed Sep 26 00:23:50 2007 |
| Group: System/Libraries | Build host: poincare.suse.de |
| Size: 548651 | Source RPM: CASA_auth_token_svc-1.7.1441-35.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: http://www.novell.com/products | |
| Summary: Novell CASA Authentication Token JAAS Support Components | |
CASA_auth_token is an authentication token infrastructure with support
for multiple authentication mechanisms with an emphasis on providing a
scalable single sign-on solution.
A key feature of CASA_auth_token is that its authentication tokens
contain identity information about the entity being authenticated. This
information is made available to the consuming services. The amount of
information contained in the tokens is configured on a per-service
basis. Because of this feature, we say that CASA_auth_token projects an
"Authenticated Identity".
The CASA_auth_token_jaas_support package contains the CASA (Common
Authentication Services Adapter) authentication token infrastructure
JAAS module and supporting libraries for token verification.
Authors:
--------
Juan Carlos Luciani - jluciani@novell.com
LGPL v2 or later
internal MD5: c5d5df7ae6a7214921fc1567b4a1d00e
GPG
* Thu Aug 09 2007 - jluciani@novell.com
- Changed tomcat5 dependency to tomcat55 for SuSE versions
greater or equal to 1030 to handle changes in the distribution.
This addresses BUG 297712.
* Fri Jun 29 2007 - jluciani@novell.com
- Added JRE_HOME setting to the envvars file used by the
CASA_auth_token_svc rpm targeted for Zenworks. This addresses
BUG 283074.
* Wed Jun 27 2007 - jluciani@novell.com
- Updated server.xml file used in CASA_auth_token_svc package
delivered to Zen to resolve BUG 283074.
* Mon Jun 25 2007 - jluciani@novell.com
- Removed dependency to jakarta-commons-lang package added when
BUG 278396 was fixed since we found out that the package is
not in the SLES media.
- Added "ATS Access through Web Server" to resolve BUG 287279.
* Fri Jun 08 2007 - jluciani@novell.com
- Fixed problem where we were failing to authenticate users
residing in a container with a "&" in the name. This was
reported in BUG 278396.
* Mon Jun 04 2007 - jluciani@novell.com
- Changed to leverage the server key and certificate
(/etc/ssl/servercerts) if present as part of the solution
to BUG 242891.
- Added a scrip to store the Signing Certificates from trusted
ATSs in the client store. This certificate is executed by the
Yast module when completing the configured ATS trust associations.
This is part of the solution to BUG 242891.
- Changed the ATS to use the certificates in the Trusted ATS Keystore
(the client store) when verifying session tokens. This is part of
the solution to BUG 242891.
- The envvars script for the client now specifies the path that Java
should be using to load native libraries in order to work-around
the problem of the 64bit JVM trying to load 32bit libraries. This
resolves BUG 278825.
* Thu May 24 2007 - jluciani@novell.com
- Fixed problem in TomcatConnectorEditor utility where it was
referencing the wrong path to the server.xml file. This fixes
BUG277839.
* Thu May 10 2007 - jluciani@novell.com
- Removed the temporary work around made to the SPEC files
which was allowing the user casaatsd to have a shell.
- Removed the OES workaround from the CasaBasicATSSetup script
since it is no longer needed.
* Wed May 09 2007 - jluciani@novell.com
- Added the capability to read REALM credentials from miCASA to
avoid having the credentials in the clear in the iaRealms.xml
file. This change adds a dependency on CASA and partially
addresses BUG265414.
- Created a utility that allows users to edit the iaRealms.xml
file. This was necessary to support the CASA ATS Yast Module
enhancements.
- Fixed settings and policy utilities to output error messages
to stderr instead of stdout to avoid messing up the CASA ATS
Yast Module.
- Fixed the SPEC files to set the appropriate home folder for
the casaatsd user.
- Temporary changed the SPEC files to allow the casaatsd user
to have a shell. This change will be reverted as soon as
the CASAcli is updated to allow a root user to pass the
UID of the user being targeted.
* Fri Apr 20 2007 - jluciani@novell.com
- Created utilities for editing the connector entry for the
server.xml Tomcat configuration file so that it can be
easily modified so that the Tomcat instance utilized by
the ATS use a different Keystore and be able to leverage
Certificate/Keys installed for other products. This is
the first step in the resolution of BUG242891.
* Wed Apr 18 2007 - jluciani@novell.com
- Fixed authentication problems where extended characters are
part of either the username, password, or the information
contained in the session or authentication tokens. This
takes care of BUG263007.
* Tue Apr 17 2007 - jluciani@novell.com
- Fixed access rights to the /etc/CASA/authtoken/svc folder and
its sub-folders to allow members of the casaauth group to
configure themselves. This resolves BUG265580.
* Mon Apr 02 2007 - jluciani@novell.com
- Added pwdutils to BuildRequires to fix build issue.
* Wed Mar 21 2007 - jluciani@novell.com
- Fixed BUG256569. The changes allow the ATS to fail-over to another
LDAP server in the case of a communication failure.
* Mon Mar 19 2007 - jluciani@novell.com
- Fixed BUG242969 by removing the log files that get created by
the Windows install of the ATS.
- Fixed BUG251942 by updating the Windows install file responsible
for setting up the log4j.properties file so that it properly
escapes the path characters.
- Fixed BUG250413 by lowering the priority of the messages being
logged and by increasing the log level priority to "warn" in
the log4j.properties file.
- Fixed BUG243339 by codding directly to the classes provided by
xmlsec and taking care of building SOAP messages with the
necessary WS-Security headers.
* Mon Mar 05 2007 - jluciani@novell.com
- Fixed logging issues under Windows.
* Thu Feb 22 2007 - jluciani@novell.com
- Switched logging from Standard Out to using Log4j. Now the
logging and tracing levels can be adjusted via the
log4j.properties file. The changes separate logs done for
tracing Rpc processing from regular logs. These changes
take care of BUG243343.
* Tue Feb 13 2007 - jluciani@novell.com
- Made changes to deal with recommendations given by Greg as
a result of the code review that he performed.
- Added check to protect against zero length passwords in the
Pwd authentication mechanism.
- Fixed issue that was not allowing us to associate a PID file
with the ATS service.
- Stopped deleting the user "casaatsd" during RPM un-install to
avoid problems with orphaned files.
* Mon Feb 12 2007 - jluciani@novell.com
- Stopped deleting user casaatsd during RPM un-install to avoid
issues with orphaned files.
* Wed Jan 31 2007 - jluciani@novell.com
- Fixed typo in iaRealms.xml file template which was keeping
the ATS from running.
* Thu Jan 25 2007 - jluciani@novell.com
- The keystore path in the server.xml specific to Zen
installations was wrong.
* Wed Jan 24 2007 - jluciani@novell.com
- ATS envvars file now does not rely on the environment
variable JAVA_HOME since it may not be pointed to the
JVM that we would want to use.
* Tue Jan 23 2007 - jluciani@novell.com
- More changes to become more compatible with Zen.
- Enhanced places where exceptions are thrown to include
information about exceptions that may have been caught
to improve debugging.
* Mon Jan 22 2007 - jluciani@novell.com
- Added the ability to explicitedly configure the type of
directory back-ending a realm.
- Added the ability to configure the search string that should
be utilized when performing contextless-login as part of
the Password authentication process.
* Fri Jan 19 2007 - jluciani@novell.com
- Made changes to allow us to build RPMs to be consumed by
the ZenWorks installer.
* Wed Jan 17 2007 - jluciani@novell.com
- Fixed BUG225066 (Uninstall doesn't cleanup).
- Addressed BUG190821 (CASA-AD - Display name is being used
instead of the account name).
- Added the ability to search an identity source using
more than one context (search root).
- Fixed problem that was keeping us from disabling the
auto-reconfigure feature by setting the service
reconfigure interval to 0.
- The upgrade path for the ATS was not cleaning up the
appropriate webapp folder so the new webapp was not
getting re-deployed.
* Fri Jan 12 2007 - jluciani@novell.com
- Fix issue that was causing authentication to fail when using
Pwd authentication.
* Mon Jan 08 2007 - jluciani@novell.com
- Applied changes to solve most issues found during my code
review of the components.
* Wed Dec 13 2006 - jluciani@novell.com
- Made changes to deal with API changes in the identity package file.
Without these changes the component does not build successfully.
* Wed Dec 06 2006 - jluciani@novell.com
- Added option to the command being used to import
certificate from the CasaBasicATSSetup script so
that it works correctly in conjunction with our
Yast module. This addresses BUG225428.
* Mon Dec 04 2006 - jluciani@novell.com
- Added a workaround to the CasaBasicATSSetup script to import
eDirs CA Cert into the Java keystore if it is present. This
workaround will be removed once OES starts performing it.
This addresses BUG225428.
* Mon Dec 04 2006 - jluciani@novell.com
- Fixed "Shutting..." init.d output script problem documented
in BUG225027.
* Mon Dec 04 2006 - jluciani@novell.com
- Fixed ATS Setup BUG225426.
* Tue Nov 28 2006 - jluciani@novell.com
- Fixed a dependency on IBM's Java related to bugs: BUG222541,
BUG216949, and BUG215221.
* Wed Nov 22 2006 - jluciani@novell.com
- Resolved the following bugs: BUG222541, BUG216949, BUG215221. :-).
* Tue Nov 21 2006 - jluciani@novell.com
- Added NOTICES file detailing the licenses and/or the copyrights
of all third party software used within the project.
* Tue Nov 21 2006 - jluciani@novell.com
- Fixed spec file issue.
* Fri Nov 17 2006 - jluciani@novell.com
- Removed hard dependency on IBM's JVM.
* Thu Nov 09 2006 - jluciani@novell.com
- Completed the ATS configuration story with a tool that
sets up all of the needed configuration files and
parameters with support for a single LDAP Realm and
server.
* Tue Nov 07 2006 - jluciani@novell.com
- The service is now only accessible via SSL.
- Created tools for editing settings and policy files.
* Fri Oct 20 2006 - jluciani@novell.com
- Modified the CasaAuthTokenSvc war file to no longer include the
identity-abstraction jars. The CASA_auth_token_svc rpm now requires
the installation of the identity-abstraction rpm and the service is
able to load its files from the location where they are installed
with settings set in the server.xml file of our tomcat base.
* Wed Oct 18 2006 - jluciani@novell.com
- Updated the RPM install of the ATS to install it as a service
and create the necessary signing keys.
- Made changes to other components to integrate with the new
RPM install changes.
* Tue Oct 10 2006 - jluciani@novell.com
- Brought up to date the README and TODO files.
* Thu Sep 21 2006 - jluciani@novell.com
- Reduced Kerberos configuration requirements. Now the ATS service
principal name defaults to "host" and there is no need to set the
"javax.security.auth.useSubjectCredsOnly" system property to "false"
in the JAVA_OPTS.
* Mon Sep 18 2006 - jluciani@novell.com
- Updated the Svc to reduce the configuration requirements on services
that want to leverage the infrastructure.
- Modified the WSSecurity module to not include the X509 certificate
in tokens if they are targeted to services residing on the same
box as the ATS. This is being done in order to minimize the size
of the tokens.
* Thu Sep 14 2006 - jluciani@novell.com
- Made changes to support the Authtoken Validate Service. This now
fixes support of "C" services.
- Switched to using IBMs java instead of SUNs. This was done in order to
gain better Kerberos support (IBMs Kerberos modul supports more
encryption types) and to get around a problem in SUN's Invocation API
that was not letting us consume our AuthToken class from a native thread
other than the thread which creates the JVM.
* Fri Aug 18 2006 - jluciani@novell.com
- Implemented securing Authentication and Session Tokens using WS-Security.
This change temporarily breaks support of "C" services. "C" service support
will be resumed once the necessary changes are made to the native authentication
token APIs to support the new Authentication Tokens.
* Mon Aug 14 2006 - jluciani@novell.com
- Added some debug statements and added the sample Jaas application into
the tar file that is submitted to autobuild.
* Mon Aug 07 2006 - schoi@novell.com
- This file has been created for CASA_auth_token_svc project for the first
time.
/etc/CASA /etc/CASA/authtoken /etc/CASA/authtoken/keys /etc/CASA/authtoken/keys/client /etc/CASA/authtoken/keys/client/casa_crypto.properties /usr/share/java/CASA /usr/share/java/CASA/authtoken /usr/share/java/CASA/authtoken/CasaAuthToken-1.7.1441.jar /usr/share/java/CASA/authtoken/CasaAuthToken.jar /usr/share/java/CASA/authtoken/CasaJaasSupport-1.7.1441.jar /usr/share/java/CASA/authtoken/CasaJaasSupport.jar /usr/share/java/CASA/authtoken/bin /usr/share/java/CASA/authtoken/bin/client_keystore_setup.sh /usr/share/java/CASA/authtoken/external /usr/share/java/CASA/authtoken/external/apache.org /usr/share/java/CASA/authtoken/external/apache.org/LICENSE /usr/share/java/CASA/authtoken/external/apache.org/xmlsec-1.4.0.jar
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu Jan 8 04:55:20 2009