akenti CO -a <cert> -i PEM -o XML
There are several new functions: one is PolicyCheck which will check all
the certificates (policy and Use Conditions) associated with a resource
for correctness. It is strongly advised to use this after you have added
to a policy in order to find any inconsistencies between the certificates.
There are also functions that will print out templates for the akenti
engine or client configuration files.
Small fixes to the code to get it to compile and link with g++ 3.2. Note: the policyEngine does not yet work correctly when compiled with g++ 3.2, but we are working on that.
Fixed the makefiles to work for jdk1.4.1 and tested that the java sources would build with jdk1.4.1 Note, if you are using 1.4, you do not need to exlicitly load the jce, jsse or cryptix jar files
Udated binaries to openssl 0.9.7a. no changes were necessary in the source code.
New Client API
deprecatedlibsrc/server/protocol/AkentiInsecurtClient interfaces
C_checkAccessInit, C_checkAccessLocal, checkAccessLocal, getCapability
Added libsrc/akCInf directory
AkClientInf - C compatible client side interface
AkEngInf - c compatible interface to AkentiEngine.
cap.cpp - routines to extract sections of the capability certificate
Added more support for XML certificates in C++
Added toXML and fromXML methods to the libsrc/certs/elements and
libsrc/certs classes
Tools
Added a command line certificate generator in C++ called certGen which can be
used instead of the Java one (certGen.sh, CertGen.java)
Redid the callClient.C program to use the new akCInf interfaces.
PolicyGenerator code
Improved instructions and help messages
ResDefinition server code
Modified the secure connection code in ResDefinitionServer and the sample
Client.java to do the random number intialization explicitly. It will
look for a .rand file to use for the seed.
The server reads the ResDefSSL value from akentiConf. If it is off creates
http a socket, if on creates https socket. It defaults to off. If the
connection is SSL, it needs to read ResDefServerKey and ResDefServerCert
file names from akentiConf.
Testcases
akentiServer
Added a sample Client program to call the server over https in the
akentiServer directory. It reads "clientKey.pem" and "clientCert.pem"
from a clientConf file.
libsrc/dirServices
Added retrival from ldap.doesciencegrid.org to test the referral code.
Note. This may hang if the ldap server is down,
Added unit tests for the new C interfaces
testcase/libsrc/policyEngine/TestAkCEngInf.c
testcase/akentiServer/ClientInfTest.c