[Pki-devel] [PATCH] 581 Added direct deployment for all subsystems.
Endi Sukma Dewata
edewata at redhat.com
Wed Apr 22 16:18:40 UTC 2015
The deployment tool has been modified to deploy all subsystems
directly from the /usr/share/pki. This will simplify updating
the templates in the web applications.
https://fedorahosted.org/pki/ticket/499
--
Endi S. Dewata
-------------- next part --------------
From 99e79c1f8dc8443437d366f72bf6297d41c3baa2 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edewata at redhat.com>
Date: Wed, 22 Apr 2015 04:07:03 -0400
Subject: [PATCH] Added direct deployment for all subsystems.
The deployment tool has been modified to deploy all subsystems
directly from the /usr/share/pki. This will simplify updating
the templates in the web applications.
https://fedorahosted.org/pki/ticket/499
---
.../shared/webapps/ca/WEB-INF/velocity.properties | 2 +-
.../shared/webapps/ca/ee/ca/ProfileSelect.template | 2 +-
base/ca/tomcat7/conf/Catalina/localhost/ca.xml | 2 +-
base/ca/tomcat8/conf/Catalina/localhost/ca.xml | 2 +-
.../shared/webapps/kra/WEB-INF/velocity.properties | 2 +-
base/kra/tomcat7/conf/Catalina/localhost/kra.xml | 2 +-
base/kra/tomcat8/conf/Catalina/localhost/kra.xml | 2 +-
.../webapps/ocsp/WEB-INF/velocity.properties | 2 +-
base/ocsp/tomcat7/conf/Catalina/localhost/ocsp.xml | 2 +-
base/ocsp/tomcat8/conf/Catalina/localhost/ocsp.xml | 2 +-
.../python/pki/server/deployment/pkiparser.py | 12 ---
.../deployment/scriptlets/slot_substitution.py | 11 ---
.../deployment/scriptlets/webapp_deployment.py | 101 ++-------------------
base/server/scripts/operations | 87 ------------------
.../shared/webapps/tks/WEB-INF/velocity.properties | 2 +-
base/tks/tomcat7/conf/Catalina/localhost/tks.xml | 2 +-
base/tks/tomcat8/conf/Catalina/localhost/tks.xml | 2 +-
specs/pki-core.spec | 27 ++++--
18 files changed, 37 insertions(+), 227 deletions(-)
diff --git a/base/ca/shared/webapps/ca/WEB-INF/velocity.properties b/base/ca/shared/webapps/ca/WEB-INF/velocity.properties
index 2dfae4bca8f95449b1bf3c7671b700d927722301..d0c99b118c2f8c5d9cedac59ba99a6259c469622 100644
--- a/base/ca/shared/webapps/ca/WEB-INF/velocity.properties
+++ b/base/ca/shared/webapps/ca/WEB-INF/velocity.properties
@@ -1,6 +1,6 @@
resource.loader = file
file.resource.loader.class = org.apache.velocity.runtime.resource.loader.FileResourceLoader
-file.resource.loader.path = [PKI_INSTANCE_PATH]/[PKI_WEBAPPS_NAME]/[PKI_SUBSYSTEM_TYPE]
+file.resource.loader.path = /usr/share/pki/ca/webapps/ca
file.resource.loader.cache = true
file.resource.loader.modificationCheckInterval = 2
input.encoding=UTF-8
diff --git a/base/ca/shared/webapps/ca/ee/ca/ProfileSelect.template b/base/ca/shared/webapps/ca/ee/ca/ProfileSelect.template
index 75678e91d7a708d806e464babd8394b1c4cae732..0e68e36e9bd1381ab81f2a7d1d4ab0ce33e50a41 100644
--- a/base/ca/shared/webapps/ca/ee/ca/ProfileSelect.template
+++ b/base/ca/shared/webapps/ca/ee/ca/ProfileSelect.template
@@ -345,7 +345,7 @@ function setCRMFRequest()
var uri = 'profileSubmit';
if (typeof(authName) != "undefined") {
if (authIsSSLClientRequired == 'true') {
- uri = 'https://[PKI_HOSTNAME]:[PKI_EE_SECURE_CLIENT_AUTH_PORT_UI]/[PKI_SUBSYSTEM_TYPE]/eeca/[PKI_SUBSYSTEM_TYPE]/profileSubmitSSLClient';
+ uri = '/ca/eeca/ca/profileSubmitSSLClient';
}
}
if (navigator.appName == "Microsoft Internet Explorer") {
diff --git a/base/ca/tomcat7/conf/Catalina/localhost/ca.xml b/base/ca/tomcat7/conf/Catalina/localhost/ca.xml
index e838503a64e5442e114cf4e18f616fdffe39b647..1e2e43d592cd72b2e7be425dcd1f5f7ae052338d 100644
--- a/base/ca/tomcat7/conf/Catalina/localhost/ca.xml
+++ b/base/ca/tomcat7/conf/Catalina/localhost/ca.xml
@@ -22,7 +22,7 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
-<Context crossContext="true" allowLinking="true">
+<Context docBase="/usr/share/pki/ca/webapps/ca" crossContext="true" allowLinking="true">
<Manager
secureRandomProvider="Mozilla-JSS" secureRandomAlgorithm="pkcs11prng"/>
diff --git a/base/ca/tomcat8/conf/Catalina/localhost/ca.xml b/base/ca/tomcat8/conf/Catalina/localhost/ca.xml
index 2c045dec7beedf3ac5502ed26916d10ca42ade4c..46f270817a58282b950b75a15bb3bd052f178f0c 100644
--- a/base/ca/tomcat8/conf/Catalina/localhost/ca.xml
+++ b/base/ca/tomcat8/conf/Catalina/localhost/ca.xml
@@ -22,7 +22,7 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
-<Context crossContext="true">
+<Context docBase="/usr/share/pki/ca/webapps/ca" crossContext="true">
<Manager
secureRandomProvider="Mozilla-JSS" secureRandomAlgorithm="pkcs11prng"/>
diff --git a/base/kra/shared/webapps/kra/WEB-INF/velocity.properties b/base/kra/shared/webapps/kra/WEB-INF/velocity.properties
index 2dfae4bca8f95449b1bf3c7671b700d927722301..ab2be932882009f6306bdd739a458aaf21c5e8e9 100644
--- a/base/kra/shared/webapps/kra/WEB-INF/velocity.properties
+++ b/base/kra/shared/webapps/kra/WEB-INF/velocity.properties
@@ -1,6 +1,6 @@
resource.loader = file
file.resource.loader.class = org.apache.velocity.runtime.resource.loader.FileResourceLoader
-file.resource.loader.path = [PKI_INSTANCE_PATH]/[PKI_WEBAPPS_NAME]/[PKI_SUBSYSTEM_TYPE]
+file.resource.loader.path = /usr/share/pki/kra/webapps/kra
file.resource.loader.cache = true
file.resource.loader.modificationCheckInterval = 2
input.encoding=UTF-8
diff --git a/base/kra/tomcat7/conf/Catalina/localhost/kra.xml b/base/kra/tomcat7/conf/Catalina/localhost/kra.xml
index e838503a64e5442e114cf4e18f616fdffe39b647..d1880e4877522befb620b12ca7500af68076edbd 100644
--- a/base/kra/tomcat7/conf/Catalina/localhost/kra.xml
+++ b/base/kra/tomcat7/conf/Catalina/localhost/kra.xml
@@ -22,7 +22,7 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
-<Context crossContext="true" allowLinking="true">
+<Context docBase="/usr/share/pki/kra/webapps/kra" crossContext="true" allowLinking="true">
<Manager
secureRandomProvider="Mozilla-JSS" secureRandomAlgorithm="pkcs11prng"/>
diff --git a/base/kra/tomcat8/conf/Catalina/localhost/kra.xml b/base/kra/tomcat8/conf/Catalina/localhost/kra.xml
index 2c045dec7beedf3ac5502ed26916d10ca42ade4c..63bd1da4a2df6e3493acf3818bde42894a39745e 100644
--- a/base/kra/tomcat8/conf/Catalina/localhost/kra.xml
+++ b/base/kra/tomcat8/conf/Catalina/localhost/kra.xml
@@ -22,7 +22,7 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
-<Context crossContext="true">
+<Context docBase="/usr/share/pki/kra/webapps/kra" crossContext="true">
<Manager
secureRandomProvider="Mozilla-JSS" secureRandomAlgorithm="pkcs11prng"/>
diff --git a/base/ocsp/shared/webapps/ocsp/WEB-INF/velocity.properties b/base/ocsp/shared/webapps/ocsp/WEB-INF/velocity.properties
index 5cd0454cce3a0a93dccd01fbf4c55cc71b77fc2a..b19bdeae8ccfed18ee7a75e7c3fe4005690c8523 100644
--- a/base/ocsp/shared/webapps/ocsp/WEB-INF/velocity.properties
+++ b/base/ocsp/shared/webapps/ocsp/WEB-INF/velocity.properties
@@ -5,7 +5,7 @@
#
resource.loader = file
file.resource.loader.class = org.apache.velocity.runtime.resource.loader.FileResourceLoader
-file.resource.loader.path = [PKI_INSTANCE_PATH]/[PKI_WEBAPPS_NAME]/[PKI_SUBSYSTEM_TYPE]
+file.resource.loader.path = /usr/share/pki/ocsp/webapps/ocsp
file.resource.loader.cache = true
file.resource.loader.modificationCheckInterval = 2
input.encoding=UTF-8
diff --git a/base/ocsp/tomcat7/conf/Catalina/localhost/ocsp.xml b/base/ocsp/tomcat7/conf/Catalina/localhost/ocsp.xml
index e838503a64e5442e114cf4e18f616fdffe39b647..b7884c98892e3dfac17696d24d0e7eb465588a44 100644
--- a/base/ocsp/tomcat7/conf/Catalina/localhost/ocsp.xml
+++ b/base/ocsp/tomcat7/conf/Catalina/localhost/ocsp.xml
@@ -22,7 +22,7 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
-<Context crossContext="true" allowLinking="true">
+<Context docBase="/usr/share/pki/ocsp/webapps/ocsp" crossContext="true" allowLinking="true">
<Manager
secureRandomProvider="Mozilla-JSS" secureRandomAlgorithm="pkcs11prng"/>
diff --git a/base/ocsp/tomcat8/conf/Catalina/localhost/ocsp.xml b/base/ocsp/tomcat8/conf/Catalina/localhost/ocsp.xml
index 2c045dec7beedf3ac5502ed26916d10ca42ade4c..ca0e78eb85f9868a9a6c855c64c042931f693a88 100644
--- a/base/ocsp/tomcat8/conf/Catalina/localhost/ocsp.xml
+++ b/base/ocsp/tomcat8/conf/Catalina/localhost/ocsp.xml
@@ -22,7 +22,7 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
-<Context crossContext="true">
+<Context docBase="/usr/share/pki/ocsp/webapps/ocsp" crossContext="true">
<Manager
secureRandomProvider="Mozilla-JSS" secureRandomAlgorithm="pkcs11prng"/>
diff --git a/base/server/python/pki/server/deployment/pkiparser.py b/base/server/python/pki/server/deployment/pkiparser.py
index e37b0e4a563030145a39cd911064830926f79dc3..d1ade4d920ca625c7f0270a546d0ee1dafb5c137 100644
--- a/base/server/python/pki/server/deployment/pkiparser.py
+++ b/base/server/python/pki/server/deployment/pkiparser.py
@@ -654,11 +654,6 @@ class PKIConfigParser:
self.mdict['pki_instance_configuration_path'],
"tomcat.conf")
# in-place slot substitution name/value pairs
- self.mdict['pki_target_velocity_properties'] = \
- os.path.join(
- self.mdict['pki_tomcat_webapps_subsystem_path'],
- "WEB-INF",
- "velocity.properties")
self.mdict['pki_target_subsystem_web_xml'] = \
os.path.join(
self.mdict['pki_tomcat_webapps_subsystem_path'],
@@ -708,13 +703,6 @@ class PKIConfigParser:
os.path.join(
self.mdict['pki_subsystem_configuration_path'],
"subsystemCert.profile")
- # in-place slot substitution name/value pairs
- self.mdict['pki_target_profileselect_template'] = \
- os.path.join(
- self.mdict['pki_tomcat_webapps_subsystem_path'],
- "ee",
- self.mdict['pki_subsystem'].lower(),
- "ProfileSelect.template")
elif self.mdict['pki_subsystem'] == "KRA":
# '*.profile'
self.mdict['pki_target_servercert_profile'] = \
diff --git a/base/server/python/pki/server/deployment/scriptlets/slot_substitution.py b/base/server/python/pki/server/deployment/scriptlets/slot_substitution.py
index f86ae49003c0690f553a457abe45d0c43b746d70..3baef04b9f1cb962eba7e0d29459c587b1f876bd 100644
--- a/base/server/python/pki/server/deployment/scriptlets/slot_substitution.py
+++ b/base/server/python/pki/server/deployment/scriptlets/slot_substitution.py
@@ -70,15 +70,6 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
deployer.mdict['pki_target_tomcat_conf'],
overwrite_flag=True)
- # Configure web.xml and velocity.properties for each subsystem.
- # For TPS this is not necessary since the files are no longer
- # copied to the target location in the instance directory.
- if deployer.mdict['pki_subsystem'] != "TPS":
- deployer.file.apply_slot_substitution(
- deployer.mdict['pki_target_velocity_properties'])
- deployer.file.apply_slot_substitution(
- deployer.mdict['pki_target_subsystem_web_xml'])
-
# Strip "<filter>" section from subsystem "web.xml"
# This is ONLY necessary because XML comments cannot be "nested"!
# deployer.file.copy(deployer.mdict['pki_target_subsystem_web_xml'],
@@ -94,8 +85,6 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
deployer.file.copy_with_slot_substitution(
deployer.mdict['pki_source_proxy_conf'],
deployer.mdict['pki_target_proxy_conf'])
- deployer.file.apply_slot_substitution(
- deployer.mdict['pki_target_profileselect_template'])
elif deployer.mdict['pki_subsystem'] == "TPS":
deployer.file.copy_with_slot_substitution(
deployer.mdict['pki_source_registry_cfg'],
diff --git a/base/server/python/pki/server/deployment/scriptlets/webapp_deployment.py b/base/server/python/pki/server/deployment/scriptlets/webapp_deployment.py
index f021a0e9a01afa3417a86dc66eab188e43dc3504..b0a1113e6c5d61c7a538b0eadce7403ee4226778 100644
--- a/base/server/python/pki/server/deployment/scriptlets/webapp_deployment.py
+++ b/base/server/python/pki/server/deployment/scriptlets/webapp_deployment.py
@@ -53,97 +53,14 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
deployer.directory.set_mode(
deployer.mdict['pki_tomcat_subsystem_webapps_path'])
- # For TPS, deploy web application directly from /usr/share/pki.
- if deployer.mdict['pki_subsystem'] == "TPS":
- deployer.deploy_webapp(
- "tps",
- os.path.join(
- config.PKI_DEPLOYMENT_SOURCE_ROOT,
- "tps",
- "webapps",
- "tps"),
- os.path.join(
- config.PKI_DEPLOYMENT_SOURCE_ROOT,
- "tps",
- "conf",
- "Catalina",
- "localhost",
- "tps.xml"))
-
- return self.rv
-
- # For other subsystems, deploy as custom web application.
-
- # Copy /usr/share/pki/<subsystem>/webapps/<subsystem>
- # to <instance>/<subsystem>/webapps/<subsystem>
- deployer.directory.copy(
- os.path.join(
- config.PKI_DEPLOYMENT_SOURCE_ROOT,
- deployer.mdict['pki_subsystem'].lower(),
- "webapps",
- deployer.mdict['pki_subsystem'].lower()),
- deployer.mdict['pki_tomcat_webapps_subsystem_path'],
- overwrite_flag=True)
-
- # Copy /usr/share/pki/server/webapps/pki/admin
- # to <instance>/<subsystem>/webapps/<subsystem>/admin
- # TODO: common templates should be deployed in common webapp
- deployer.directory.copy(
- os.path.join(
- config.PKI_DEPLOYMENT_SOURCE_ROOT,
- "server",
- "webapps",
- "pki",
- "admin"),
- os.path.join(
- deployer.mdict['pki_tomcat_webapps_subsystem_path'],
- "admin"),
- overwrite_flag=True)
-
- deployer.directory.create(
- deployer.mdict['pki_tomcat_webapps_subsystem_webinf_classes_path'])
- deployer.directory.create(
- deployer.mdict['pki_tomcat_webapps_subsystem_webinf_lib_path'])
- # establish Tomcat webapps subsystem WEB-INF lib symbolic links
- deployer.symlink.create(
- deployer.mdict['pki_certsrv_jar'],
- deployer.mdict['pki_certsrv_jar_link'])
- deployer.symlink.create(
- deployer.mdict['pki_cmsbundle'],
- deployer.mdict['pki_cmsbundle_jar_link'])
- deployer.symlink.create(
- deployer.mdict['pki_cmscore'],
- deployer.mdict['pki_cmscore_jar_link'])
- deployer.symlink.create(
- deployer.mdict['pki_cms'],
- deployer.mdict['pki_cms_jar_link'])
- deployer.symlink.create(
- deployer.mdict['pki_cmsutil'],
- deployer.mdict['pki_cmsutil_jar_link'])
- deployer.symlink.create(
- deployer.mdict['pki_nsutil'],
- deployer.mdict['pki_nsutil_jar_link'])
- if deployer.mdict['pki_subsystem'] == "CA":
- deployer.symlink.create(
- deployer.mdict['pki_ca_jar'],
- deployer.mdict['pki_ca_jar_link'])
- elif deployer.mdict['pki_subsystem'] == "KRA":
- deployer.symlink.create(
- deployer.mdict['pki_kra_jar'],
- deployer.mdict['pki_kra_jar_link'])
- elif deployer.mdict['pki_subsystem'] == "OCSP":
- deployer.symlink.create(
- deployer.mdict['pki_ocsp_jar'],
- deployer.mdict['pki_ocsp_jar_link'])
- elif deployer.mdict['pki_subsystem'] == "TKS":
- deployer.symlink.create(
- deployer.mdict['pki_tks_jar'],
- deployer.mdict['pki_tks_jar_link'])
-
- # Deploy subsystem web application.
+ # Deploy web application directly from /usr/share/pki.
deployer.deploy_webapp(
deployer.mdict['pki_subsystem'].lower(),
- deployer.mdict['pki_tomcat_webapps_subsystem_path'],
+ os.path.join(
+ config.PKI_DEPLOYMENT_SOURCE_ROOT,
+ deployer.mdict['pki_subsystem'].lower(),
+ "webapps",
+ deployer.mdict['pki_subsystem'].lower()),
os.path.join(
config.PKI_DEPLOYMENT_SOURCE_ROOT,
deployer.mdict['pki_subsystem'].lower(),
@@ -167,10 +84,4 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
"localhost",
deployer.mdict['pki_subsystem'].lower() + ".xml"))
- # For subsystems other than TPS, delete
- # <instance>/<subsystem>/webapps/<subsystem>.
- if deployer.mdict['pki_subsystem'] != "TPS":
- deployer.directory.delete(
- deployer.mdict['pki_tomcat_webapps_subsystem_path'])
-
return self.rv
diff --git a/base/server/scripts/operations b/base/server/scripts/operations
index 000d32b1dd1df83df18f3ac22c6e7da31550d529..09b35bf126c95a795519251b54646e1e0dcef107 100644
--- a/base/server/scripts/operations
+++ b/base/server/scripts/operations
@@ -1108,11 +1108,6 @@ verify_symlinks()
pki_registry_dir="/etc/sysconfig/pki/${PKI_WEB_SERVER_TYPE}/${PKI_INSTANCE_NAME}"
pki_systemd_dir="/etc/systemd/system/pki-tomcatd.target.wants"
pki_systemd_link="pki-${PKI_WEB_SERVER_TYPE}d@${PKI_INSTANCE_NAME}.service"
- pki_ca_jar_dir="${PKI_INSTANCE_PATH}/ca/webapps/ca/WEB-INF/lib"
- pki_kra_jar_dir="${PKI_INSTANCE_PATH}/kra/webapps/kra/WEB-INF/lib"
- pki_ocsp_jar_dir="${PKI_INSTANCE_PATH}/ocsp/webapps/ocsp/WEB-INF/lib"
- pki_tks_jar_dir="${PKI_INSTANCE_PATH}/tks/webapps/tks/WEB-INF/lib"
- pki_tps_jar_dir="${PKI_INSTANCE_PATH}/tps/webapps/tps/WEB-INF/lib"
# '${PKI_INSTANCE_PATH}' symlinks
base_symlinks=(
@@ -1128,16 +1123,6 @@ verify_symlinks()
[logs]=/var/log/pki/${PKI_INSTANCE_NAME}/ca
[registry]=${pki_registry_dir})
- # '${pki_ca_jar_dir}' symlinks
- ca_jar_symlinks=(
- [pki-certsrv.jar]=${java_dir}/pki/pki-certsrv.jar
- [pki-cms.jar]=${java_dir}/pki/pki-cms.jar
- [pki-cmsbundle.jar]=${java_dir}/pki/pki-cmsbundle.jar
- [pki-cmscore.jar]=${java_dir}/pki/pki-cmscore.jar
- [pki-cmsutil.jar]=${java_dir}/pki/pki-cmsutil.jar
- [pki-nsutil.jar]=${java_dir}/pki/pki-nsutil.jar
- [pki-ca.jar]=${java_dir}/pki/pki-ca.jar)
-
# '${PKI_INSTANCE_PATH}/kra' symlinks
kra_symlinks=(
[alias]=${PKI_INSTANCE_PATH}/alias
@@ -1145,16 +1130,6 @@ verify_symlinks()
[logs]=/var/log/pki/${PKI_INSTANCE_NAME}/kra
[registry]=${pki_registry_dir})
- # '${pki_kra_jar_dir}' symlinks
- kra_jar_symlinks=(
- [pki-certsrv.jar]=${java_dir}/pki/pki-certsrv.jar
- [pki-cms.jar]=${java_dir}/pki/pki-cms.jar
- [pki-cmsbundle.jar]=${java_dir}/pki/pki-cmsbundle.jar
- [pki-cmscore.jar]=${java_dir}/pki/pki-cmscore.jar
- [pki-cmsutil.jar]=${java_dir}/pki/pki-cmsutil.jar
- [pki-nsutil.jar]=${java_dir}/pki/pki-nsutil.jar
- [pki-kra.jar]=${java_dir}/pki/pki-kra.jar)
-
# '${PKI_INSTANCE_PATH}/ocsp' symlinks
ocsp_symlinks=(
[alias]=${PKI_INSTANCE_PATH}/alias
@@ -1162,16 +1137,6 @@ verify_symlinks()
[logs]=/var/log/pki/${PKI_INSTANCE_NAME}/ocsp
[registry]=${pki_registry_dir})
- # '${pki_ocsp_jar_dir}' symlinks
- ocsp_jar_symlinks=(
- [pki-certsrv.jar]=${java_dir}/pki/pki-certsrv.jar
- [pki-cms.jar]=${java_dir}/pki/pki-cms.jar
- [pki-cmsbundle.jar]=${java_dir}/pki/pki-cmsbundle.jar
- [pki-cmscore.jar]=${java_dir}/pki/pki-cmscore.jar
- [pki-cmsutil.jar]=${java_dir}/pki/pki-cmsutil.jar
- [pki-nsutil.jar]=${java_dir}/pki/pki-nsutil.jar
- [pki-ocsp.jar]=${java_dir}/pki/pki-ocsp.jar)
-
# '${PKI_INSTANCE_PATH}/tks' symlinks
tks_symlinks=(
[alias]=${PKI_INSTANCE_PATH}/alias
@@ -1179,16 +1144,6 @@ verify_symlinks()
[logs]=/var/log/pki/${PKI_INSTANCE_NAME}/tks
[registry]=${pki_registry_dir})
- # '${pki_tks_jar_dir}' symlinks
- tks_jar_symlinks=(
- [pki-certsrv.jar]=${java_dir}/pki/pki-certsrv.jar
- [pki-cms.jar]=${java_dir}/pki/pki-cms.jar
- [pki-cmsbundle.jar]=${java_dir}/pki/pki-cmsbundle.jar
- [pki-cmscore.jar]=${java_dir}/pki/pki-cmscore.jar
- [pki-cmsutil.jar]=${java_dir}/pki/pki-cmsutil.jar
- [pki-nsutil.jar]=${java_dir}/pki/pki-nsutil.jar
- [pki-tks.jar]=${java_dir}/pki/pki-tks.jar)
-
# '${PKI_INSTANCE_PATH}/tps' symlinks
tps_symlinks=(
[alias]=${PKI_INSTANCE_PATH}/alias
@@ -1196,16 +1151,6 @@ verify_symlinks()
[logs]=/var/log/pki/${PKI_INSTANCE_NAME}/tps
[registry]=${pki_registry_dir})
- # '${pki_tps_jar_dir}' symlinks
- tps_jar_symlinks=(
- [pki-certsrv.jar]=${java_dir}/pki/pki-certsrv.jar
- [pki-cms.jar]=${java_dir}/pki/pki-cms.jar
- [pki-cmsbundle.jar]=${java_dir}/pki/pki-cmsbundle.jar
- [pki-cmscore.jar]=${java_dir}/pki/pki-cmscore.jar
- [pki-cmsutil.jar]=${java_dir}/pki/pki-cmsutil.jar
- [pki-nsutil.jar]=${java_dir}/pki/pki-nsutil.jar
- [pki-tps.jar]=${java_dir}/pki/pki-tps.jar)
-
# '${pki_common_jar_dir}' symlinks
if ! $debian; then
common_jar_symlinks=(
@@ -1307,14 +1252,6 @@ verify_symlinks()
if [ $rv -ne 0 ]; then
return $rv
fi
- # Detect and correct 'ca_jar_symlinks'
- ca_jar_symlinks_string=$(declare -p ca_jar_symlinks)
- eval "declare -A symlinks=${ca_jar_symlinks_string#*=}"
- check_symlinks ${pki_ca_jar_dir} ${PKI_USER} ${PKI_GROUP}
- rv=$?
- if [ $rv -ne 0 ]; then
- return $rv
- fi
fi
if [ -e ${PKI_INSTANCE_PATH}/kra ]; then
@@ -1326,14 +1263,6 @@ verify_symlinks()
if [ $rv -ne 0 ]; then
return $rv
fi
- # Detect and correct 'kra_jar_symlinks'
- kra_jar_symlinks_string=$(declare -p kra_jar_symlinks)
- eval "declare -A symlinks=${kra_jar_symlinks_string#*=}"
- check_symlinks ${pki_kra_jar_dir} ${PKI_USER} ${PKI_GROUP}
- rv=$?
- if [ $rv -ne 0 ]; then
- return $rv
- fi
fi
if [ -e ${PKI_INSTANCE_PATH}/ocsp ]; then
@@ -1345,14 +1274,6 @@ verify_symlinks()
if [ $rv -ne 0 ]; then
return $rv
fi
- # Detect and correct 'ocsp_jar_symlinks'
- ocsp_jar_symlinks_string=$(declare -p ocsp_jar_symlinks)
- eval "declare -A symlinks=${ocsp_jar_symlinks_string#*=}"
- check_symlinks ${pki_ocsp_jar_dir} ${PKI_USER} ${PKI_GROUP}
- rv=$?
- if [ $rv -ne 0 ]; then
- return $rv
- fi
fi
if [ -e ${PKI_INSTANCE_PATH}/tks ]; then
@@ -1364,14 +1285,6 @@ verify_symlinks()
if [ $rv -ne 0 ]; then
return $rv
fi
- # Detect and correct 'tks_jar_symlinks'
- tks_jar_symlinks_string=$(declare -p tks_jar_symlinks)
- eval "declare -A symlinks=${tks_jar_symlinks_string#*=}"
- check_symlinks ${pki_tks_jar_dir} ${PKI_USER} ${PKI_GROUP}
- rv=$?
- if [ $rv -ne 0 ]; then
- return $rv
- fi
fi
# Detect and correct 'common_jar_symlinks'
diff --git a/base/tks/shared/webapps/tks/WEB-INF/velocity.properties b/base/tks/shared/webapps/tks/WEB-INF/velocity.properties
index 5cd0454cce3a0a93dccd01fbf4c55cc71b77fc2a..65f7f706ba951b4f7e4818b8db73b676e70e01e1 100644
--- a/base/tks/shared/webapps/tks/WEB-INF/velocity.properties
+++ b/base/tks/shared/webapps/tks/WEB-INF/velocity.properties
@@ -5,7 +5,7 @@
#
resource.loader = file
file.resource.loader.class = org.apache.velocity.runtime.resource.loader.FileResourceLoader
-file.resource.loader.path = [PKI_INSTANCE_PATH]/[PKI_WEBAPPS_NAME]/[PKI_SUBSYSTEM_TYPE]
+file.resource.loader.path = /usr/share/pki/tks/webapps/tks
file.resource.loader.cache = true
file.resource.loader.modificationCheckInterval = 2
input.encoding=UTF-8
diff --git a/base/tks/tomcat7/conf/Catalina/localhost/tks.xml b/base/tks/tomcat7/conf/Catalina/localhost/tks.xml
index e838503a64e5442e114cf4e18f616fdffe39b647..f11add6cbfc31f36717978545f0e18dc34cf17ca 100644
--- a/base/tks/tomcat7/conf/Catalina/localhost/tks.xml
+++ b/base/tks/tomcat7/conf/Catalina/localhost/tks.xml
@@ -22,7 +22,7 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
-<Context crossContext="true" allowLinking="true">
+<Context docBase="/usr/share/pki/tks/webapps/tks" crossContext="true" allowLinking="true">
<Manager
secureRandomProvider="Mozilla-JSS" secureRandomAlgorithm="pkcs11prng"/>
diff --git a/base/tks/tomcat8/conf/Catalina/localhost/tks.xml b/base/tks/tomcat8/conf/Catalina/localhost/tks.xml
index 2c045dec7beedf3ac5502ed26916d10ca42ade4c..0364ed3a055e0adae26ff0e4898696edd22b5c2f 100644
--- a/base/tks/tomcat8/conf/Catalina/localhost/tks.xml
+++ b/base/tks/tomcat8/conf/Catalina/localhost/tks.xml
@@ -22,7 +22,7 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
-<Context crossContext="true">
+<Context docBase="/usr/share/pki/tks/webapps/tks" crossContext="true">
<Manager
secureRandomProvider="Mozilla-JSS" secureRandomAlgorithm="pkcs11prng"/>
diff --git a/specs/pki-core.spec b/specs/pki-core.spec
index 4c24ed6e4e081a4ac4010c1d25fb2cfa1e6849c6..f5a954e0b54eec3038c8e8823269c0ac4be4778b 100644
--- a/specs/pki-core.spec
+++ b/specs/pki-core.spec
@@ -659,15 +659,24 @@ cd build
cd build
%{__make} install DESTDIR=%{buildroot} INSTALL="install -p"
-# Create symlinks for TPS web application
-%{__mkdir_p} %{buildroot}%{_datadir}/pki/tps/webapps/tps/WEB-INF/lib
-ln -s %{_javadir}/pki/pki-nsutil.jar %{buildroot}%{_datadir}/pki/tps/webapps/tps/WEB-INF/lib
-ln -s %{_javadir}/pki/pki-cmsutil.jar %{buildroot}%{_datadir}/pki/tps/webapps/tps/WEB-INF/lib
-ln -s %{_javadir}/pki/pki-certsrv.jar %{buildroot}%{_datadir}/pki/tps/webapps/tps/WEB-INF/lib
-ln -s %{_javadir}/pki/pki-cms.jar %{buildroot}%{_datadir}/pki/tps/webapps/tps/WEB-INF/lib
-ln -s %{_javadir}/pki/pki-cmscore.jar %{buildroot}%{_datadir}/pki/tps/webapps/tps/WEB-INF/lib
-ln -s %{_javadir}/pki/pki-cmsbundle.jar %{buildroot}%{_datadir}/pki/tps/webapps/tps/WEB-INF/lib
-ln -s %{_javadir}/pki/pki-tps.jar %{buildroot}%{_datadir}/pki/tps/webapps/tps/WEB-INF/lib
+# Create symlinks for admin console (TPS does not use admin console)
+for subsystem in ca kra ocsp tks; do
+ %{__mkdir_p} %{buildroot}%{_datadir}/pki/$subsystem/webapps/$subsystem/admin
+ ln -s %{_datadir}/pki/server/webapps/pki/admin/console %{buildroot}%{_datadir}/pki/$subsystem/webapps/$subsystem/admin
+done
+
+# Create symlinks for subsystem libraries
+for subsystem in ca kra ocsp tks tps; do
+ %{__mkdir_p} %{buildroot}%{_datadir}/pki/$subsystem/webapps/$subsystem/WEB-INF/lib
+ ln -s %{_javadir}/pki/pki-nsutil.jar %{buildroot}%{_datadir}/pki/$subsystem/webapps/$subsystem/WEB-INF/lib
+ ln -s %{_javadir}/pki/pki-cmsutil.jar %{buildroot}%{_datadir}/pki/$subsystem/webapps/$subsystem/WEB-INF/lib
+ ln -s %{_javadir}/pki/pki-certsrv.jar %{buildroot}%{_datadir}/pki/$subsystem/webapps/$subsystem/WEB-INF/lib
+ ln -s %{_javadir}/pki/pki-cms.jar %{buildroot}%{_datadir}/pki/$subsystem/webapps/$subsystem/WEB-INF/lib
+ ln -s %{_javadir}/pki/pki-cmscore.jar %{buildroot}%{_datadir}/pki/$subsystem/webapps/$subsystem/WEB-INF/lib
+ ln -s %{_javadir}/pki/pki-cmsbundle.jar %{buildroot}%{_datadir}/pki/$subsystem/webapps/$subsystem/WEB-INF/lib
+ ln -s %{_javadir}/pki/pki-$subsystem.jar %{buildroot}%{_datadir}/pki/$subsystem/webapps/$subsystem/WEB-INF/lib
+done
+
%if %{with server}
--
1.9.3
More information about the Pki-devel
mailing list