/[pdpsoft]/trunk/eu.rcauth.pilot-ica/DS/ansible/roles/delegserver
ViewVC logotype

Log of /trunk/eu.rcauth.pilot-ica/DS/ansible/roles/delegserver

View Directory Listing Directory Listing


Sticky Revision:

Revision 3077 - Directory Listing
Modified Mon Aug 8 13:37:02 2016 UTC (6 years ago) by msalle
Add mysql dump and restore scripts plus cronjob for the former.
Move 00-httpoxy from templates to file (it's not a template)
Update the oauth2 war and jar files.


Revision 3074 - Directory Listing
Modified Thu Jul 28 12:59:02 2016 UTC (6 years ago) by msalle
Replace crontab entry with a cron.hourly cronjob by symlinking to the /usr/local
script.


Revision 3072 - Directory Listing
Modified Mon Jul 25 15:51:19 2016 UTC (6 years ago) by tamasb
don't map ShibAuthenticatingAuthority directly into /O=
this will be done by the WAYF from now.


ShibAuthenticatingAuthority can be multi valued (unordered)
in case there is a WAYF after our WAYF. This will cause confusion 
on the  Delegation Server since it expects a single valued 
attribute. The WAYF will take care of extracting the right 
ShibAuthenticatingAuthority (the proxy entityID) and setting 
it in the 'o' attribute sent to the Delegation Server



Revision 3068 - Directory Listing
Modified Mon Jul 25 10:29:51 2016 UTC (6 years ago) by tamasb
enable shibboleth exportAssertion in mod_shib

- also, raise logging to debug on the server


Revision 3066 - Directory Listing
Modified Fri Jul 22 15:41:22 2016 UTC (6 years ago) by tamasb
added HSTS support


Revision 3064 - Directory Listing
Modified Fri Jul 22 14:38:25 2016 UTC (6 years ago) by tamasb
updated SSLCipher rules on httpd config


Revision 3058 - Directory Listing
Modified Tue Jul 19 09:48:12 2016 UTC (6 years, 1 month ago) by tamasb
fix for httpoxy voulnerability (CVE-2016-5387)


Revision 3057 - Directory Listing
Modified Thu Jul 14 14:18:02 2016 UTC (6 years, 1 month ago) by tamasb
we don't use a trust store for the DS

it uses the /var/www/server/certificates as a trust root


Revision 3056 - Directory Listing
Modified Thu Jul 14 13:52:58 2016 UTC (6 years, 1 month ago) by tamasb
changed an outdated comment


Revision 3054 - Directory Listing
Modified Thu Jul 14 10:41:27 2016 UTC (6 years, 1 month ago) by tamasb
ca_checker now keeps state so that if will not flood with emails


Revision 3048 - Directory Listing
Modified Mon Jul 11 13:17:28 2016 UTC (6 years, 1 month ago) by tamasb
hourly ca checker cronjob that sends an email if CA is down



Revision 3047 - Directory Listing
Modified Mon Jul 11 12:02:29 2016 UTC (6 years, 1 month ago) by tamasb
corrected claim name to idp_display_name matching OpenID Connect for MyProxy specs


Revision 3046 - Directory Listing
Modified Mon Jul 11 11:54:05 2016 UTC (6 years, 1 month ago) by tamasb
don't map eptid from oid, only map it from persistent NameID

This change was introduced to match the eptid that the RCauth WAYF is producing


Revision 3045 - Directory Listing
Modified Mon Jul 11 10:52:25 2016 UTC (6 years, 1 month ago) by tamasb
Change delegation server idp to RCauth WAYF

- change IdP metadata endpoint and entityID
- idp claim source becomes Shib-Authenticating-Authority (since Shib-Identity-Provider will always be the WAYF from here on)
- idp_name claim source becomse o (since orgDisplayName will always be the WAYF)



Revision 3042 - Directory Listing
Modified Mon Jul 11 10:32:36 2016 UTC (6 years, 1 month ago) by tamasb
enable assertion exporting for trace logging


Revision 3040 - Directory Listing
Modified Mon Jul 11 10:25:15 2016 UTC (6 years, 1 month ago) by tamasb
Configuration for the updated delegation server

- generate and release 'cert_subject_dn' claim
- configure attribute filtering (url extraction)
- add certificate extensions (mail) support


Revision 3039 - Directory Listing
Modified Mon Jul 11 09:22:03 2016 UTC (6 years, 1 month ago) by tamasb
Added 'description' field to client DB table


Revision 3035 - Directory Listing
Modified Thu Jun 23 13:50:11 2016 UTC (6 years, 1 month ago) by msalle
Set cookie using mod_rewrite for request parameter idphint, this is passed to
wayf which uses it to directly go to a IdP.



Revision 3031 - Directory Listing
Modified Wed Jun 15 09:03:33 2016 UTC (6 years, 2 months ago) by tamasb
fromatting 


Revision 3030 - Directory Listing
Modified Fri Jun 10 08:46:15 2016 UTC (6 years, 2 months ago) by tamasb
update mappings for idp and idp_name claims


Revision 3025 - Directory Listing
Modified Mon May 30 08:53:01 2016 UTC (6 years, 2 months ago) by tamasb
changed the order of precedence to: epuid eppn 


Revision 3021 - Directory Listing
Modified Mon May 23 13:21:53 2016 UTC (6 years, 2 months ago) by tamasb
deleted unused configuration tag dnFormat


Revision 3020 - Directory Listing
Modified Mon May 23 12:59:48 2016 UTC (6 years, 2 months ago) by tamasb
map SAML2 attributes only (by their OID) 

keep both SAML2 attribute OID and NameID source for extracting eptid


Revision 3015 - Directory Listing
Modified Fri May 13 08:46:49 2016 UTC (6 years, 3 months ago) by tamasb
switch short claim names to long version


Revision 3009 - Directory Listing
Modified Wed May 4 09:52:26 2016 UTC (6 years, 3 months ago) by tamasb
added missing scope for eptid


Revision 3008 - Directory Listing
Modified Tue May 3 18:56:09 2016 UTC (6 years, 3 months ago) by tamasb
replaced links with binaries 


Revision 3007 - Directory Listing
Modified Tue May 3 17:07:17 2016 UTC (6 years, 3 months ago) by tamasb
updated to support trace_records 

 - new war file
 - new server config 
 - new shibboleth config mapping more attributes
 - mysql scipt for creating the right DB tables



Revision 3004 - Directory Listing
Modified Mon Apr 11 16:35:13 2016 UTC (6 years, 4 months ago) by tamasb
updated hostname and server aliases


Revision 3003 - Directory Listing
Modified Mon Apr 11 16:34:29 2016 UTC (6 years, 4 months ago) by tamasb
protect /register endpoint with SSO


Revision 3002 - Directory Listing
Modified Mon Apr 11 14:20:17 2016 UTC (6 years, 4 months ago) by tamasb
publish new CRLs to web root


Revision 3001 - Directory Listing
Modified Mon Apr 11 13:55:34 2016 UTC (6 years, 4 months ago) by tamasb
check for defined variables


Revision 3000 - Directory Listing
Modified Mon Apr 11 13:30:48 2016 UTC (6 years, 4 months ago) by tamasb
customize SP metadata contact and attributes 


Revision 2996 - Directory Listing
Modified Tue Apr 5 16:29:35 2016 UTC (6 years, 4 months ago) by tamasb
added extra sirtfi bits to shibboleth metadata


Revision 2995 - Directory Listing
Modified Tue Apr 5 13:36:51 2016 UTC (6 years, 4 months ago) by tamasb
switch from using ansible_fqdn to inventory_hostname


Revision 2992 - Directory Listing
Modified Tue Apr 5 12:27:35 2016 UTC (6 years, 4 months ago) by tamasb
rewrite index.html instead of / (breaks shibboleth urls)


Revision 2991 - Directory Listing
Modified Tue Apr 5 09:31:27 2016 UTC (6 years, 4 months ago) by tamasb
redirect webroot to rcauth url


Revision 2985 - Directory Listing
Modified Mon Apr 4 13:56:09 2016 UTC (6 years, 4 months ago) by tamasb
added quates around ansible variable


Revision 2984 - Directory Listing
Modified Mon Apr 4 13:55:32 2016 UTC (6 years, 4 months ago) by tamasb
task to make sure oa4mp db user exists


Revision 2983 - Directory Listing
Modified Mon Apr 4 13:54:50 2016 UTC (6 years, 4 months ago) by tamasb
install tomcat manager interface


Revision 2982 - Directory Listing
Modified Mon Apr 4 13:54:32 2016 UTC (6 years, 4 months ago) by tamasb
tomcat should only listed on localhost


Revision 2981 - Directory Listing
Modified Mon Apr 4 13:54:01 2016 UTC (6 years, 4 months ago) by tamasb
add empty index page in webroot


Revision 2980 - Directory Listing
Modified Mon Apr 4 13:53:43 2016 UTC (6 years, 4 months ago) by tamasb
completed shibboleth defaults


Revision 2973 - Directory Listing
Modified Mon Apr 4 13:46:44 2016 UTC (6 years, 4 months ago) by tamasb
added epuid into the attribute map


Revision 2972 - Directory Listing
Modified Mon Apr 4 13:46:14 2016 UTC (6 years, 4 months ago) by tamasb
Updated metadata generation 


Revision 2886 - Directory Listing
Modified Wed Mar 16 22:06:29 2016 UTC (6 years, 5 months ago) by tamasb
added some shib metadata info 


Revision 2885 - Directory Listing
Modified Wed Mar 16 16:14:04 2016 UTC (6 years, 5 months ago) by tamasb
fixed some minor issues, and added support for password generation on the fly


Revision 2880 - Directory Listing
Added Tue Mar 15 11:48:53 2016 UTC (6 years, 5 months ago) by tamasb
Ansible deployment scripts for DS


grid.support@nikhef.nl
ViewVC Help
Powered by ViewVC 1.1.28