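#
# Install LTPA Security.
#
####################################################################
# Patrick Finnegan 01/02/2007.  V1.
####################################################################
#
# wsadmin (Jacl) procedures that update the cell-level LTPA
# configuration from a properties file.
#
# Helpers used here but not defined in this section: putsLog, hashMap,
# hashMapList. They are expected to be defined elsewhere in the script set.
#
# Property keys read by setLtpaProperties:
#   LTPA.password, LTPA.timeout, LTPA.sso.domainName,
#   LTPA.sso.requiresSSl (sic), LTPA.sso.enabled
####################################################################

######################################
# Return the text that may be written to the log for a named value.
#
# name  - property key or attribute name.
# value - the value read for it.
#
# Any name containing "password" (case-insensitive) is masked, so that
# secrets from the properties file never reach the log.
######################################
proc ltpaLogValue { name value } {

    if { [ string match "*password*" [ string tolower $name ] ] } {
        return "********"
    }

    return $value
}

######################################
# Modify the cell-level LTPA object with the values from a properties file.
#
# propertiesFile - path of the properties file handed to hashMapList and
#                  hashMap.
#
# Logs the current LTPA and SSO attributes, logs the new properties
# (password values masked), then calls AdminConfig modify.
# Returns with -code error if any lookup or the modify itself fails.
# The change is not saved here; presumably the caller saves the
# configuration - confirm.
######################################
proc installLTPA { propertiesFile } {

    global AdminConfig
    global AdminTask

    # display procedure arguments.
    # The argument names are taken from the running procedure itself.
    # The original asked for the arguments of installLdap (copy/paste),
    # which fails unless that procedure happens to have the same arguments.
    putsLog "proc - [info level 0 ]"

    set procName [ lindex [ info level 0 ] 0 ]

    foreach i [ info args $procName ] {
        upvar 0 $i ilocal
        set propertiesArray($i) $ilocal
    }

    putsLog "procedure arguments are.................."

    foreach { a b } [ array get propertiesArray ] {
        putsLog [ format "%-35s %s" "$a" "$b" ]
    }

    # get the security object
    # there can be multiple security objects.  Get the one at cell level.
    set cellName   [ $AdminConfig showAttribute [ $AdminConfig list Cell ] name ]
    set securityId [ $AdminConfig getid /Cell:$cellName/Security:/ ]

    # get and display the existing LTPA objects.
    putsLog "existing LTPA objects are:............"

    if { [ catch { $AdminConfig list LTPA $securityId } r ] == 0 } {
        set LTPAList $r
        foreach i $LTPAList {
            set LTPAOID [ $AdminConfig showAttribute $i OID ]
            putsLog [ format "%-5s %s" " " $LTPAOID ]
        }
    } else {
        return -code error $r
    }

    # Fail with a clear message instead of passing an empty id to
    # showAttribute further down.
    if { [ llength $LTPAList ] == 0 } {
        return -code error "no LTPA object found under security object $securityId"
    }

    set ltpaId [ lindex $LTPAList 0 ]

    putsLog "existing LTPA properties are:............"

    # NOTE(review): private and shared presumably resolve to references to
    # Key configuration objects rather than key bytes - confirm that nothing
    # sensitive is rendered in the log for them.
    foreach attr {
        OID
        authConfig
        authContextImplClass
        authValidationConfig
        isCredentialForwardable
        password
        timeout
        private
        properties
        public
        shared
        simpleAuthConfig
    } {
        if { [ string compare $attr password ] == 0 } {
            # The LTPA password is never read for display; log a fixed mask
            # so the log does not depend on how wsadmin renders it.
            set shown "********"
        } else {
            set shown [ $AdminConfig showAttribute $ltpaId $attr ]
        }
        putsLog [ format "%-5s %-30s %-50s" " " $attr $shown ]
    }

    # get sso child.
    set ssoId [ $AdminConfig showAttribute $ltpaId singleSignon ]

    # display SSO properties
    foreach attr { domainName enabled requiresSSL } {
        putsLog [ format "%-5s %-30s %-50s" " " sso.$attr [ $AdminConfig showAttribute $ssoId $attr ] ]
    }

    putsLog "new LTPA properties are:............"

    # hashMapList returns the properties as a list of { key value } pairs.
    # The file carries LTPA.password, so values are passed through
    # ltpaLogValue before they are logged.
    if { [ catch { hashMapList $propertiesFile } r ] == 0 } {
        set propertiesList $r
        foreach a $propertiesList {
            set key [ lindex $a 0 ]
            putsLog [ format "%-5s %-40s %-s" " " $key [ ltpaLogValue $key [ lindex $a 1 ] ] ]
        }
    } else {
        return -code error $r
    }

    # call the hashMap proc which returns a Property object populated with
    # property file values.
    if { [ catch { hashMap $propertiesFile } r ] == 0 } {
        set PropertyI $r
    } else {
        return -code error $r
    }

    # set the LTPA properties.
    #set attrList [ setProperties $PropertyI ]
    set attrList [ setLtpaProperties $PropertyI ]

    # Do not enable the line below outside a throwaway environment:
    # attrList contains the LTPA password in clear text.
    #puts $attrList

    if { [ catch { $AdminConfig modify $ltpaId $attrList } r ] == 0 } {
        putsLog "************************************"
        putsLog "LTPA modified successfully:"
        putsLog $r
        putsLog "************************************"
    } else {
        putsLog "************************************"
        putsLog "ERROR: problem modifying LTPA"
        putsLog $r
        putsLog "************************************"
        return -code error $r
    }
}

######################################
# set LTPA Properties.
#
# PropertyI - Property object returned by hashMap; read with getProperty.
#
# Returns the attribute list for AdminConfig modify:
#   { {password ..} {timeout ..}
#     {singleSignon { {domainName ..} {requiresSSL ..} {enabled ..} }} }
# The returned list contains the LTPA password in clear text and must
# not be logged.
######################################
proc setLtpaProperties { PropertyI } {

    global AdminConfig

    # Log the arguments of this procedure.  The original asked for the
    # arguments of setProperties (copy/paste), which fails unless that
    # procedure is loaded and has the same argument names.
    putsLog "proc - [info level 0 ]"

    set procName [ lindex [ info level 0 ] 0 ]

    foreach i [ info args $procName ] {
        upvar 0 $i ilocal
        set propertiesArray($i) $ilocal
    }

    putsLog "procedure arguments are: .................."

    foreach { a b } [ array get propertiesArray ] {
        putsLog [ format "%-35s %s" "$a" "$b" ]
    }

    set password [ list password [ $PropertyI getProperty LTPA.password ] ]
    set timeout  [ list timeout  [ $PropertyI getProperty LTPA.timeout ] ]

    # set sso attributes
    set domainName [ list domainName [ $PropertyI getProperty LTPA.sso.domainName ] ]

    # NOTE(review): the key is spelled "requiresSSl" (lower-case final l).
    # If the properties file uses LTPA.sso.requiresSSL this lookup will not
    # find it and requiresSSL will not be set as intended for the SSO
    # cookie - confirm the spelling against the properties file.
    set requiresSSL [ list requiresSSL [ $PropertyI getProperty LTPA.sso.requiresSSl ] ]
    set enabled     [ list enabled     [ $PropertyI getProperty LTPA.sso.enabled ] ]

    set singleSignon [ list singleSignon [ list $domainName $requiresSSL $enabled ] ]
    #set singleSignon [ list singleSignon [ list $domainName $enabled ] ]

    set attrList [ list $password $timeout $singleSignon ]

    return $attrList
}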