/[pdpsoft]/trunk/eu.rcauth.pilot-ica/DS/ansible/roles/delegserver
ViewVC logotype

Log of /trunk/eu.rcauth.pilot-ica/DS/ansible/roles/delegserver

View Directory Listing Directory Listing

Sticky Revision:
Revision 3077 - Directory Listing
Modified Mon Aug 8 13:37:02 2016 UTC (5 years, 10 months ago) by msalle 
Add mysql dump and restore scripts plus cronjob for the former.
Move 00-httpoxy from templates to file (it's not a template)
Update the oauth2 war and jar files.
Revision 3074 - Directory Listing
Modified Thu Jul 28 12:59:02 2016 UTC (5 years, 11 months ago) by msalle 
Replace crontab entry with a cron.hourly cronjob by symlinking to the /usr/local
script.
Revision 3072 - Directory Listing
Modified Mon Jul 25 15:51:19 2016 UTC (5 years, 11 months ago) by tamasb 
don't map ShibAuthenticatingAuthority directly into /O=
this will be done by the WAYF from now.


ShibAuthenticatingAuthority can be multi valued (unordered)
in case there is a WAYF after our WAYF. This will cause confusion 
on the  Delegation Server since it expects a single valued 
attribute. The WAYF will take care of extracting the right 
ShibAuthenticatingAuthority (the proxy entityID) and setting 
it in the 'o' attribute sent to the Delegation Server
Revision 3068 - Directory Listing
Modified Mon Jul 25 10:29:51 2016 UTC (5 years, 11 months ago) by tamasb 
enable shibboleth exportAssertion in mod_shib

- also, raise logging to debug on the server
Revision 3066 - Directory Listing
Modified Fri Jul 22 15:41:22 2016 UTC (5 years, 11 months ago) by tamasb 
added HSTS support
Revision 3064 - Directory Listing
Modified Fri Jul 22 14:38:25 2016 UTC (5 years, 11 months ago) by tamasb 
updated SSLCipher rules on httpd config
Revision 3058 - Directory Listing
Modified Tue Jul 19 09:48:12 2016 UTC (5 years, 11 months ago) by tamasb 
fix for httpoxy voulnerability (CVE-2016-5387)
Revision 3057 - Directory Listing
Modified Thu Jul 14 14:18:02 2016 UTC (5 years, 11 months ago) by tamasb 
we don't use a trust store for the DS

it uses the /var/www/server/certificates as a trust root
Revision 3056 - Directory Listing
Modified Thu Jul 14 13:52:58 2016 UTC (5 years, 11 months ago) by tamasb 
changed an outdated comment
Revision 3054 - Directory Listing
Modified Thu Jul 14 10:41:27 2016 UTC (5 years, 11 months ago) by tamasb 
ca_checker now keeps state so that if will not flood with emails
Revision 3048 - Directory Listing
Modified Mon Jul 11 13:17:28 2016 UTC (5 years, 11 months ago) by tamasb 
hourly ca checker cronjob that sends an email if CA is down
Revision 3047 - Directory Listing
Modified Mon Jul 11 12:02:29 2016 UTC (5 years, 11 months ago) by tamasb 
corrected claim name to idp_display_name matching OpenID Connect for MyProxy specs
Revision 3046 - Directory Listing
Modified Mon Jul 11 11:54:05 2016 UTC (5 years, 11 months ago) by tamasb 
don't map eptid from oid, only map it from persistent NameID

This change was introduced to match the eptid that the RCauth WAYF is producing
Revision 3045 - Directory Listing
Modified Mon Jul 11 10:52:25 2016 UTC (5 years, 11 months ago) by tamasb 
Change delegation server idp to RCauth WAYF

- change IdP metadata endpoint and entityID
- idp claim source becomes Shib-Authenticating-Authority (since Shib-Identity-Provider will always be the WAYF from here on)
- idp_name claim source becomse o (since orgDisplayName will always be the WAYF)
Revision 3042 - Directory Listing
Modified Mon Jul 11 10:32:36 2016 UTC (5 years, 11 months ago) by tamasb 
enable assertion exporting for trace logging
Revision 3040 - Directory Listing
Modified Mon Jul 11 10:25:15 2016 UTC (5 years, 11 months ago) by tamasb 
Configuration for the updated delegation server

- generate and release 'cert_subject_dn' claim
- configure attribute filtering (url extraction)
- add certificate extensions (mail) support
Revision 3039 - Directory Listing
Modified Mon Jul 11 09:22:03 2016 UTC (5 years, 11 months ago) by tamasb 
Added 'description' field to client DB table
Revision 3035 - Directory Listing
Modified Thu Jun 23 13:50:11 2016 UTC (6 years ago) by msalle 
Set cookie using mod_rewrite for request parameter idphint, this is passed to
wayf which uses it to directly go to a IdP.
Revision 3031 - Directory Listing
Modified Wed Jun 15 09:03:33 2016 UTC (6 years ago) by tamasb 
fromatting
Revision 3030 - Directory Listing
Modified Fri Jun 10 08:46:15 2016 UTC (6 years ago) by tamasb 
update mappings for idp and idp_name claims
Revision 3025 - Directory Listing
Modified Mon May 30 08:53:01 2016 UTC (6 years, 1 month ago) by tamasb 
changed the order of precedence to: epuid eppn
Revision 3021 - Directory Listing
Modified Mon May 23 13:21:53 2016 UTC (6 years, 1 month ago) by tamasb 
deleted unused configuration tag dnFormat
Revision 3020 - Directory Listing
Modified Mon May 23 12:59:48 2016 UTC (6 years, 1 month ago) by tamasb 
map SAML2 attributes only (by their OID) 

keep both SAML2 attribute OID and NameID source for extracting eptid
Revision 3015 - Directory Listing
Modified Fri May 13 08:46:49 2016 UTC (6 years, 1 month ago) by tamasb 
switch short claim names to long version
Revision 3009 - Directory Listing
Modified Wed May 4 09:52:26 2016 UTC (6 years, 2 months ago) by tamasb 
added missing scope for eptid
Revision 3008 - Directory Listing
Modified Tue May 3 18:56:09 2016 UTC (6 years, 2 months ago) by tamasb 
replaced links with binaries
Revision 3007 - Directory Listing
Modified Tue May 3 17:07:17 2016 UTC (6 years, 2 months ago) by tamasb 
updated to support trace_records 

 - new war file
 - new server config 
 - new shibboleth config mapping more attributes
 - mysql scipt for creating the right DB tables
Revision 3004 - Directory Listing
Modified Mon Apr 11 16:35:13 2016 UTC (6 years, 2 months ago) by tamasb 
updated hostname and server aliases
Revision 3003 - Directory Listing
Modified Mon Apr 11 16:34:29 2016 UTC (6 years, 2 months ago) by tamasb 
protect /register endpoint with SSO
Revision 3002 - Directory Listing
Modified Mon Apr 11 14:20:17 2016 UTC (6 years, 2 months ago) by tamasb 
publish new CRLs to web root
Revision 3001 - Directory Listing
Modified Mon Apr 11 13:55:34 2016 UTC (6 years, 2 months ago) by tamasb 
check for defined variables
Revision 3000 - Directory Listing
Modified Mon Apr 11 13:30:48 2016 UTC (6 years, 2 months ago) by tamasb 
customize SP metadata contact and attributes
Revision 2996 - Directory Listing
Modified Tue Apr 5 16:29:35 2016 UTC (6 years, 2 months ago) by tamasb 
added extra sirtfi bits to shibboleth metadata
Revision 2995 - Directory Listing
Modified Tue Apr 5 13:36:51 2016 UTC (6 years, 2 months ago) by tamasb 
switch from using ansible_fqdn to inventory_hostname
Revision 2992 - Directory Listing
Modified Tue Apr 5 12:27:35 2016 UTC (6 years, 2 months ago) by tamasb 
rewrite index.html instead of / (breaks shibboleth urls)
Revision 2991 - Directory Listing
Modified Tue Apr 5 09:31:27 2016 UTC (6 years, 2 months ago) by tamasb 
redirect webroot to rcauth url
Revision 2985 - Directory Listing
Modified Mon Apr 4 13:56:09 2016 UTC (6 years, 2 months ago) by tamasb 
added quates around ansible variable
Revision 2984 - Directory Listing
Modified Mon Apr 4 13:55:32 2016 UTC (6 years, 2 months ago) by tamasb 
task to make sure oa4mp db user exists
Revision 2983 - Directory Listing
Modified Mon Apr 4 13:54:50 2016 UTC (6 years, 2 months ago) by tamasb 
install tomcat manager interface
Revision 2982 - Directory Listing
Modified Mon Apr 4 13:54:32 2016 UTC (6 years, 2 months ago) by tamasb 
tomcat should only listed on localhost
Revision 2981 - Directory Listing
Modified Mon Apr 4 13:54:01 2016 UTC (6 years, 2 months ago) by tamasb 
add empty index page in webroot
Revision 2980 - Directory Listing
Modified Mon Apr 4 13:53:43 2016 UTC (6 years, 2 months ago) by tamasb 
completed shibboleth defaults
Revision 2973 - Directory Listing
Modified Mon Apr 4 13:46:44 2016 UTC (6 years, 2 months ago) by tamasb 
added epuid into the attribute map
Revision 2972 - Directory Listing
Modified Mon Apr 4 13:46:14 2016 UTC (6 years, 2 months ago) by tamasb 
Updated metadata generation
Revision 2886 - Directory Listing
Modified Wed Mar 16 22:06:29 2016 UTC (6 years, 3 months ago) by tamasb 
added some shib metadata info
Revision 2885 - Directory Listing
Modified Wed Mar 16 16:14:04 2016 UTC (6 years, 3 months ago) by tamasb 
fixed some minor issues, and added support for password generation on the fly
Revision 2880 - Directory Listing
Added Tue Mar 15 11:48:53 2016 UTC (6 years, 3 months ago) by tamasb 
Ansible deployment scripts for DS
grid.support@nikhef.nl
 ViewVC Help
Powered by ViewVC 1.1.28