We should add REST interfaces for managing certificate profiles.
Initial Checkin:
To ssh://vakwetu@git.fedorahosted.org/git/pki.git dbf97df..9eb2c35 master -> master
The following still needs to be fixed:
Then the security constraint can be configured without <auth-constraint> to allow anonymous access:
<security-constraint> <web-resource-collection> <web-resource-name>Profiles</web-resource-name> <url-pattern>/rest/profiles/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
I've tested this with profile-find, it will return different number of results depending on the authentication. This way we won't need to use separate agent/admin interface.
For the profile-find output, I think it would be useful to show some basic info such as profile name and description in addition to the ID and URL.
The profile-show command stores the entire profile into an output file, it doesn't show anything to the screen. I think it would be useful and more consistent to show the profile summary such as id, name, description, input and output attribute names, URL. Then people can optionally specify --output download the entire file.
Does the profile subsystem support renaming a profile? The profile-mod may need to take 2 parameters: the old profile name and an input file containing the new profile name and the new attributes.
Some methods in ProfileService would catch and swallow the exception. It might be better for now to throw a generic exception or just don't catch at all. This way the client will know if there's an error. In the future we can revisit the code to throw more specific errors.
Audit logging needs to be added.
Metadata Update from @nkinder: - Issue assigned to vakwetu - Issue set to the milestone: 10.1 - 08/13 (August)
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/1009
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Login to comment on this ticket.