c5e9bd6 Clarify AJP connector creation process

1 file Authored by cipherboy 3 years ago, Committed by cheimes 3 years ago,
    Clarify AJP connector creation process
    
    We do two things:
    
     1. Fix the xpath for AJP connector verification. An AJP connector is
        one which has protocol="AJP/1.3", NOT one that has port="8009". An
        AJP connector can exist on any port and port 8009 can have any
        protocol. Secrets only make sense on AJP connectors, so make the
        xpath match the existing comment.
    
     2. Add some background in-line documentation about AJP secret
        provisioning. This should help future developers understand why this
        was added to IPA and what limitations there are in what PKI or IPA
        can do. Most notably, explain why Dogtag can't upgrade the AJP
        connector to have a secret in the general case.
    
    Signed-off-by: Alexander Scheel <ascheel@redhat.com>
    Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>