diff --git a/hsarback/conf/META-INF/persistence-with-sql-logging.xml b/hsarback/conf/META-INF/persistence-with-sql-logging.xml
index f551d23..cbbe3f5 100644
--- a/hsarback/conf/META-INF/persistence-with-sql-logging.xml
+++ b/hsarback/conf/META-INF/persistence-with-sql-logging.xml
@@ -6,7 +6,6 @@
de.hsadmin.core.qserv.QueueTask
de.hsadmin.mods.cust.Customer
de.hsadmin.mods.cust.Contact
- de.hsadmin.mods.cust.BankAccount
de.hsadmin.mods.pac.Pac
de.hsadmin.mods.pac.BasePac
de.hsadmin.mods.pac.BaseComponent
diff --git a/hsarback/conf/META-INF/persistence.xml b/hsarback/conf/META-INF/persistence.xml
index 5e0734c..ae4304b 100644
--- a/hsarback/conf/META-INF/persistence.xml
+++ b/hsarback/conf/META-INF/persistence.xml
@@ -6,7 +6,6 @@
de.hsadmin.core.qserv.QueueTask
de.hsadmin.mods.cust.Customer
de.hsadmin.mods.cust.Contact
- de.hsadmin.mods.cust.BankAccount
de.hsadmin.mods.pac.Pac
de.hsadmin.mods.pac.BasePac
de.hsadmin.mods.pac.BaseComponent
diff --git a/hsarback/conf/WEB-INF/prod-web.xml b/hsarback/conf/WEB-INF/prod-web.xml
index 1b71c01..4899424 100644
--- a/hsarback/conf/WEB-INF/prod-web.xml
+++ b/hsarback/conf/WEB-INF/prod-web.xml
@@ -11,6 +11,14 @@
Queue Status Servlet
de.hsadmin.core.qserv.QueueStatusReceiverServlet
+
+ proxyValidateUrl
+ https://@LOGIN_HOST@:@LOGIN_PORT@/cas/proxyValidate
+
+
+ proxyServiceUrl
+ https://@CONFIG_HOST@:@CONFIG_PORT@/hsar/backend
+
1
@@ -18,8 +26,8 @@
XmlRpcServlet
de.hsadmin.remote.HSXmlRpcServlet
- enabledForExtensions
- true
+ enabledForExtensions
+ true
@@ -28,11 +36,6 @@
/queueStatus
-
- CLI Client Connector
- /hsadmin/cli-interface/
-
-
XmlRpcServlet
/xmlrpc/*
diff --git a/hsarback/conf/WEB-INF/test-web.xml b/hsarback/conf/WEB-INF/test-web.xml
index df5a9df..47c2dd5 100644
--- a/hsarback/conf/WEB-INF/test-web.xml
+++ b/hsarback/conf/WEB-INF/test-web.xml
@@ -11,6 +11,14 @@
Queue Status Servlet
de.hsadmin.core.qserv.QueueStatusReceiverServlet
+
+ proxyValidateUrl
+ https://@LOGIN_HOST@:@LOGIN_PORT@/cas/proxyValidate
+
+
+ proxyServiceUrl
+ https://@CONFIG_HOST@:@CONFIG_PORT@/hsar/backend
+
1
@@ -28,11 +36,6 @@
/queueStatus
-
- CLI Client Connector
- /hsadmin/cli-interface/
-
-
XmlRpcServlet
/xmlrpc/*
diff --git a/hsarback/src/de/hsadmin/core/qserv/QueueStatusReceiverServlet.java b/hsarback/src/de/hsadmin/core/qserv/QueueStatusReceiverServlet.java
index af52c92..1d70163 100644
--- a/hsarback/src/de/hsadmin/core/qserv/QueueStatusReceiverServlet.java
+++ b/hsarback/src/de/hsadmin/core/qserv/QueueStatusReceiverServlet.java
@@ -18,12 +18,14 @@ import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.persistence.EntityManager;
+import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import de.hsadmin.core.model.TechnicalException;
+import de.hsadmin.core.model.TicketValidator;
import de.hsadmin.core.model.Transaction;
import de.hsadmin.core.util.Config;
@@ -43,6 +45,10 @@ public class QueueStatusReceiverServlet extends HttpServlet
@Override
public void init() throws ServletException {
+ final ServletConfig cfg = getServletConfig();
+ final String validateURL = cfg.getInitParameter("proxyValidateUrl");
+ final String serviceURL = cfg.getInitParameter("proxyServiceUrl");
+ TicketValidator.getInstance().initialize(validateURL, serviceURL);
isConnected = false;
messageCount = 0;
errorCount = 0;
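Review bot: Both `getInitParameter` results in `init()` are handed to `TicketValidator.getInstance().initialize(...)` unchecked, so a web.xml that lacks `proxyValidateUrl` or `proxyServiceUrl` would leave the validator configured with null URLs and the failure would only surface at the first ticket check. Since `init()` already declares `ServletException`, fail fast: `if (validateURL == null || serviceURL == null) throw new ServletException("proxyValidateUrl and proxyServiceUrl must be configured");`. The validator is a process-wide singleton initialised as a side effect of the queue-status servlet, so any other servlet that relies on it (presumably the XML-RPC endpoint) depends on this one loading first; a comment stating that ordering assumption, or a context-param read by a listener, would make it explicit. The rest of `init()` lies outside the hunk.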
diff --git a/hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java b/hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java
index f6c0cdf..feab37b 100644
--- a/hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java
+++ b/hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java
@@ -256,25 +256,26 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
return domDirsProcessor;
}
- private Processor createApacheVHostSetupProcessor(EntityManager em, Domain dom) throws ProcessorException {
- Map templateVars = new HashMap();
+ private Processor createApacheVHostSetupProcessor(final EntityManager em, final Domain dom) throws ProcessorException {
+ final Map templateVars = new HashMap();
templateVars.put("dynamicWeb", new Boolean(dom.isDynamic()));
- String domName = dom.getName();
+ final String domName = dom.getName();
int level = domName.split("\\.").length;
- String linkPrefix = Integer.toString(100 - level);
- String pac = dom.getUser().getPac().getName();
- Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.name = :domname");
+ final String linkPrefix = Integer.toString(100 - level);
+ final Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.name = :domname");
query.setParameter("domname", dom.getName());
ifOption(templateVars, query, "indexes", "+Indexes", "-Indexes");
ifOption(templateVars, query, "includes", "+IncludesNoExec", "-Includes");
ifOption(templateVars, query, "multiviews", "+MultiViews", "-MultiViews");
ifOption(templateVars, query, "htdocsfallback", Boolean.TRUE, Boolean.FALSE);
- Processor domSetupProcessor = new CompoundProcessor(
+ final Processor domSetupProcessor = new CompoundProcessor(
+ new ShellProcessor("export PEMS_DIR=/etc/apache2/pems-enabled/" + dom.getUser().getName() + " && "
+ + "mkdir -p $PEMS_DIR/ && "
+ + "cd $PEMS_DIR && "
+ + "( ls " + domName + ".crt || ( echo \"\" > " + domName + ".chain && "
+ + "openssl req -x509 -newkey rsa:2048 -keyout " + domName + ".key -out " + domName + ".crt -days 1100 -nodes -sha256 -subj '/CN=" + domName + "' ) ) &&"
+ + "chmod 400 " + domName + "*"),
new CreateFileProcessor("/de/hsadmin/mods/dom/apache-vhost.vm", templateVars, dom, "/etc/apache2/sites-available/" + domName + ".tmp", "root", "root", "644", true),
- new ShellProcessor("ls /etc/apache2/pems/" + pac + ".pem >/dev/null 2>&1" +
- " && sed -i '/SSLCertificate.*default/d' " + "/etc/apache2/sites-available/" + domName + ".tmp" +
- " && (ls /etc/apache2/pems/" + pac + ".chain.pem >/dev/null 2>&1 || sed -i '/SSLCertificateChain.*" + pac + "/d' " + "/etc/apache2/sites-available/" + domName + ".tmp )" +
- " || sed -i '/SSLCertificate.*" + pac + "/d' " + "/etc/apache2/sites-available/" + domName + ".tmp"),
new ShellProcessor(
" (diff -q /etc/apache2/sites-available/" + domName + ".tmp /etc/apache2/sites-available/" + domName + " && rm /etc/apache2/sites-available/" + domName + ".tmp ) " +
" || (mv /etc/apache2/sites-available/" + domName + ".tmp /etc/apache2/sites-available/" + domName +
@@ -302,6 +303,7 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
new ShellProcessor("rm -f /home/doms/" + domName +
" && rm -f /etc/apache2/sites-enabled/" + linkPrefix + "-" + domName +
" && rm -f /etc/apache2/sites-available/" + domName +
+ " && rm -f /etc/apache2/pems-enabled/" + dom.getUser().getName() + "/" + domName + ".*" +
" && rm -rf " + dom.getUser().getHomedir() + "/doms/" + domName +
" && invoke-rc.d apache2 reload >/dev/null 2>&1");
return vhostDelProcessor;
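Review bot: The added `rm -f /etc/apache2/pems-enabled/<user>/<domName>.*` glob is wider than the three files the setup step creates: for a domain named `example.org` (constructed example) it also matches `example.org.uk.key` in the same user's directory, so deleting one domain can remove another domain's key and certificate. List the files explicitly instead, i.e. one `rm -f` argument each for `domName + ".crt"`, `domName + ".key"` and `domName + ".chain"`. As in the setup command, the user and domain names are interpolated unquoted into a root shell command and need the same validation. The statement begins above the hunk.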
diff --git a/hsarback/src/de/hsadmin/mods/dom/apache-vhost.vm b/hsarback/src/de/hsadmin/mods/dom/apache-vhost.vm
index b98de63..e4fdd2d 100644
--- a/hsarback/src/de/hsadmin/mods/dom/apache-vhost.vm
+++ b/hsarback/src/de/hsadmin/mods/dom/apache-vhost.vm
@@ -90,10 +90,9 @@
#end
SSLEngine On
- SSLCertificateFile /etc/apache2/pems/default.pem
- SSLCertificateChainFile /etc/apache2/pems/default.chain.pem
- SSLCertificateFile /etc/apache2/pems/${pac.name}.pem
- SSLCertificateChainFile /etc/apache2/pems/${pac.name}.chain.pem
+ SSLCertificateFile /etc/apache2/pems-enabled/${dom.user.name}/${dom.name}.crt
+ SSLCertificateKeyFile /etc/apache2/pems-enabled/${dom.user.name}/${dom.name}.key
+ SSLCertificateChainFile /etc/apache2/pems-enabled/${dom.user.name}/${dom.name}.chain
DocumentRoot /home/doms/${dom.name}/htdocs-ssl