Remove Firefox PKI GUI Configuration Panel Interface

[pki-bot]

This issue was migrated from Pagure Issue #1120. Originally filed by mharmsen (@mharmsen) on 2014-08-23 00:22:45:

• Assigned to mharmsen (@mharmsen)

---

Dogtag 10.2 currently provides the following PKI instance installation/configuration mechanisms:

• 'pkispawn' single-pass installation and configuration (can be run either interactively, or "silently" through a specified configuration file),
• 'pkispawn' (installation only) + 'pkispawn' (configuration only - replaces the 'pkisilent' batch process), or
• 'pkispawn' (installation only) + GUI browser configuration panels for CA, KRA, OCSP, and TKS (there are currently no GUI configuration panels for the revamped TPS) via a Firefox browser; the Firefox browser is the only browser which supports PKI configuration using this interface.

When the 'pkispawn' utility configures a PKI instance, it utilizes the REST interface; however, the GUI browser interface utilizes the original non-REST legacy interface. Both methods eventually utilize the same configuration back-end.

To alleviate many of the design/development/testing/support problems associated with maintaining multiple interfaces, we are planning on removing the GUI browser configuration interface option in Dogtag 10.2 since:

• when run using the single-pass technique, the 'pkispawn' tool can utilize an interactive mode to provide similar functionality and administrator experience,
• the GUI browser configuration panels currently lack support for Dogtag 10.2 instances which may contain more than one type of PKI subsystem (i. e. - it cannot be used to configure a second PKI subsystem within a Dogtag 10.2 instance that already contains a different subsystem - this leads to a failure to configure this second PKI subsystem as well as to the corruption of the original PKI subsystem!),
• we have concerns regarding future Firefox support of some of the features associated with the GUI configuration panels, and
• this should lead to a reduction of required test cases, many of which may have required tedious manual interaction with a tester.

Completion of this ticket requires the following:

(1) remove URL advertisement displayed at the end of a 'pkispawn'
    installation-only mode,
(2) remove all references to the GUI-based configuration option from the man pages,
(3) disable the GUI configuration interface servlet(s)
    in the various 'web.xml' files, and
(4) remove GUI configuration panels as well as any wizard code dedicated to the
    sole purpose of configuring a PKI instance.

proposed Milestones:(1), (2), and (3) - 10.2 (August)
                    (4)               - 10.2.1

[pki-bot]

Comment from mharmsen (@mharmsen) at 2014-08-29 00:56:47

Checked in patch for (1), (2), and (3):

• a1c7550

[pki-bot]

Comment from mharmsen (@mharmsen) at 2014-08-29 00:57:28

Moving to 10.2.1.

[pki-bot]

Comment from mharmsen (@mharmsen) at 2014-09-18 03:50:29

Proposed Milestone: 10.2.3 (per CS Meeting of 09/17/2014)

[pki-bot]

Comment from mharmsen (@mharmsen) at 2014-09-25 21:42:00

proposed Milestone: 10.2.2 - Per Dogtag 10.2.3 meeting of 09/25/2014

[pki-bot]

Comment from mharmsen (@mharmsen) at 2015-02-24 23:45:32

Per 10.2.2 Triage meeting of 02/24/2015: 10.2.3

[pki-bot]

Comment from mharmsen (@mharmsen) at 2015-04-28 20:40:04

Per Dogtag 10.2.x TRIAGE meeting of 04/28/2015: cleanup (low/minor priority)

[pki-bot]

Comment from mharmsen (@mharmsen) at 2015-06-30 20:37:10

Per Dogtag 10.2.6 TRIAGE meeting of 06/30/2015: 10.3

[pki-bot]

Comment from edewata (@edewata) at 2015-10-20 23:53:09

The wizard classes need be removed to help removing legacy HttpClient. See ticket 342.

[pki-bot]

Comment from edewata (@edewata) at 2015-10-22 17:38:35

Removed unused WizardServlet in master: 60fa66a

Remaining tasks:

• remove base/server/cms/src/com/netscape/cms/servlet/csadmin/BaseServlet.java
• remove base/server/cms/src/com/netscape/cms/servlet/csadmin/LoginServlet.java
• remove base/server/cms/src/com/netscape/cms/servlet/csadmin/SecurityDomainLogin.java
• cleanup base/ca/shared/webapps/ca/WEB-INF/web.xml
• cleanup base/kra/shared/webapps/kra/WEB-INF/web.xml
• cleanup base/ocsp/shared/webapps/ocsp/WEB-INF/web.xml

Once ticket 1107 is fixed, we can remove base/server/share/webapps/pki/admin and also dependencies on Velocity.

[pki-bot]

Comment from mharmsen (@mharmsen) at 2015-10-24 02:12:41

Replying to [comment:16 edewata]:

Removed unused WizardServlet in master: 60fa66a

Cherry-picked to:

• DOGTAG_10_2_BRANCH - a156c64
• DOGTAG_10_2_6_BRANCH - 5ef07c7

[pki-bot]

Comment from mharmsen (@mharmsen) at 2017-02-27 14:11:46

Metadata Update from @mharmsen:

• Issue assigned to mharmsen
• Issue set to the milestone: UNTRIAGED