Re: [Pki-devel] [PATCH] 758 Fixed error handling in ProxyRealm.

2016-05-27 Thread Endi Sukma Dewata 

On 5/25/2016 10:34 PM, Endi Sukma Dewata wrote:

The ProxyRealms for Tomcat 7 and 8 have been modified to return an
error if the subsystem is not available instead of falling back to
username/password authentication.

https://fedorahosted.org/pki/ticket/2326


ACKed by alee (thanks!). Pushed to master.

--
Endi S. Dewata

___
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel

[Pki-devel] [PATCH] 759 Fixed hard-coded database name for TPS VLV indexes.

2016-05-27 Thread Endi Sukma Dewata 

The vlv.ldif for TPS has been modified to remove the hard-coded
database name and to use customizable parameter instead.

The token and activity REST services have been modified to search
the database using VLV.

The existing database can be fixed using the following procedure:
http://pki.fedoraproject.org/wiki/Database_Upgrade_for_PKI_10.3.x#Relocating_VLV_indexes

https://fedorahosted.org/pki/ticket/2342

--
Endi S. Dewata
>From 7b0bcb4fe119be96152be9bcd0ece201c8bc7791 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" 
Date: Fri, 27 May 2016 03:11:08 +0200
Subject: [PATCH] Fixed hard-coded database name for TPS VLV indexes.

The vlv.ldif for TPS has been modified to remove the hard-coded
database name and to use customizable parameter instead.

The token and activity REST services have been modified to search
the database using VLV.

The existing database can be fixed using the following procedure:
http://pki.fedoraproject.org/wiki/Database_Upgrade_for_PKI_10.3.x#Relocating_VLV_indexes

https://fedorahosted.org/pki/ticket/2342
---
 .../src/com/netscape/cmscore/dbs/LDAPDatabase.java | 20 +
 base/tps-client/scripts/addVLVIndexes.ldif | 12 
 base/tps-client/scripts/vlvtasks.ldif  |  2 +-
 base/tps/shared/conf/vlv.ldif  | 12 
 base/tps/shared/conf/vlvtasks.ldif |  2 +-
 .../dogtagpki/server/tps/dbs/ActivityDatabase.java |  2 +-
 .../dogtagpki/server/tps/dbs/TokenDatabase.java|  2 +-
 .../dogtagpki/server/tps/rest/ActivityService.java | 34 --
 .../dogtagpki/server/tps/rest/TokenService.java| 28 +-
 9 files changed, 68 insertions(+), 46 deletions(-)

diff --git a/base/server/cmscore/src/com/netscape/cmscore/dbs/LDAPDatabase.java b/base/server/cmscore/src/com/netscape/cmscore/dbs/LDAPDatabase.java
index 3e9f25e95ca1f41402bed2510b5139c452a57e5a..48d15950e7c4589a7d285fd0c5036162d99f330d 100644
--- a/base/server/cmscore/src/com/netscape/cmscore/dbs/LDAPDatabase.java
+++ b/base/server/cmscore/src/com/netscape/cmscore/dbs/LDAPDatabase.java
@@ -16,6 +16,7 @@ import com.netscape.certsrv.dbs.IDBRegistry;
 import com.netscape.certsrv.dbs.IDBSSession;
 import com.netscape.certsrv.dbs.IDBSearchResults;
 import com.netscape.certsrv.dbs.IDBSubsystem;
+import com.netscape.certsrv.dbs.IDBVirtualList;
 import com.netscape.certsrv.dbs.Modification;
 import com.netscape.certsrv.dbs.ModificationSet;
 import com.netscape.cmsutil.ldap.LDAPUtil;
@@ -140,6 +141,25 @@ public abstract class LDAPDatabase extends Database {
 }
 }
 
+public IDBVirtualList findRecords(String keyword, Map attributes,
+String sortKey, int pageSize) throws Exception {
+
+CMS.debug("LDAPDatabase: findRecords()");
+
+try (IDBSSession session = dbSubsystem.createSession()) {
+
+String ldapFilter = createFilter(keyword, attributes);
+CMS.debug("LDAPDatabase: searching " + baseDN + " with filter " + ldapFilter);
+
+return session.createVirtualList(
+baseDN,
+ldapFilter,
+null,
+sortKey,
+pageSize);
+}
+}
+
 @SuppressWarnings("unchecked")
 @Override
 public E getRecord(String id) throws Exception {
diff --git a/base/tps-client/scripts/addVLVIndexes.ldif b/base/tps-client/scripts/addVLVIndexes.ldif
index 9dc86ece1c3193da955fe44811173b92eaeea4d8..0ce0437e2c6d1c749554362530545474a05ddacb 100644
--- a/base/tps-client/scripts/addVLVIndexes.ldif
+++ b/base/tps-client/scripts/addVLVIndexes.ldif
@@ -18,23 +18,23 @@
 # All rights reserved.
 # --- END COPYRIGHT BLOCK ---
 #
-dn: cn=tus-listTokens-vlv,cn=userRoot,cn=ldbm database,cn=plugins,cn=config
-cn: tus-listtokens-vlv
+dn: cn=listtokens,cn={database},cn=ldbm database,cn=plugins,cn=config
+cn: listtokens
 objectClass: top
 objectClass: vlvsearch
 vlvBase: ou=Tokens,$TOKENDB_ROOT
 vlvFilter: (&(cn=*)(tokenUserID=*))
 vlvScope: 2
 
-dn: cn=tus-listActivities-vlv,cn=userRoot,cn=ldbm database,cn=plugins,cn=config
-cn: tus-listActivities-vlv
+dn: cn=listActivities,cn={database},cn=ldbm database,cn=plugins,cn=config
+cn: listActivities
 objectClass: top
 objectClass: vlvsearch
 vlvBase: ou=Activities,$TOKENDB_ROOT
 vlvFilter: (&(tokenID=*)(tokenUserID=*))
 vlvScope: 2
 
-dn: cn=listTokensIndex,cn=tus-listTokens-vlv,cn=userRoot,cn=ldbm database,cn=plugins,cn=config
+dn: cn=listTokensIndex,cn=listtokens,cn={database},cn=ldbm database,cn=plugins,cn=config
 cn: listTokensIndex
 objectClass: top
 objectClass: vlvindex
@@ -42,7 +42,7 @@ vlvSort: -dateOfModify
 vlvEnabled: 1
 vlvUses: 0
 
-dn: cn=listActivitiesIndex,cn=tus-listActivities-vlv,cn=userRoot,cn=ldbm database,cn=plugins,cn=config
+dn: cn=listActivitiesIndex,cn=listActivities,cn={database},cn=ldbm database,cn=plugins,cn=config
 cn: listActivitiesIndex
 objectClass: top
 objectClass: vlvindex
diff --git