- For package installation/update please refer to: cloud-tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh
Signed-off-by: wilderrodrigues <wrodrigues@schubergphilis.com>
This closes#587
- Adding keepalived installation in the right script. I added the change on the buildsystemvm.sh, which is no longer used.
Signed-off-by: wilderrodrigues <wrodrigues@schubergphilis.com>
- preempt delay reverted on version 1.2.13 - from the backports
- vrrp : Revert "Honor preempt_delay setting on startup.".
- See changelog: http://www.keepalived.org/changelog.html
- Refactoring some variable names to avoid misunderstanding
Signed-off-by: wilderrodrigues <wrodrigues@schubergphilis.com>
- We use no preempt mode with state set as EQUAL to both nodes, no need to have Priotities setup
- Do not add IPs as comments to the configuration. If a new guest interface is added, the file will change anyway.
- This was used in the past when keepalived would restart for each new interface added
- Removed the long sleep form the tests: we now sleep 5 seconds per PF rule added
CLOUDSTACK-8616 - Fix keepalived.ts/2 files comparison
- Add call to set_fault() in case of router transits to that state
- Removing commented out code
CLOUDSTACK-8616 - Fixing check_heartbeat.sh.templ
CLOUDSTACK-8616 - Call set_fault from the check_heartbeat.sh script
Signed-off-by: wilderrodrigues <wrodrigues@schubergphilis.com>
This uses local selector to access the DOM elements, the previous commit
would find a global element which is not in the context and fail changing the
element in the opened dialog.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
This closes#583
This will install less packages on the system running CloudStack.
The -headless JRE doesn't include packages for running on desktops
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
This closes#588
If SSVM cannot be started then the existing entry is removed and a new SSVM gets created. Made similar changes for CPVM as well.
Also cleaned up some log messages in SSVM and CPVM manager code.
Add option to authorize SAML SSO for user when adding user. Appends a domain to
user/account name if global setting is enabled, useful in case of multiple IDP
server. By default the setting is set to false (keep as it is).
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
This closes#575
(cherry picked from commit 7d11c7bc703be00c91ea267695a33756ebb14b57)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
- Login is based on sessionkey HttpOnly Cookie
- ApiServlet does login verification using sessionKey from both the request cookies
and the API parameters. In both cases, if either or both are passed they should
match the sessionKey stored in the current session of the HttpRequest
- UI: it no longer needs to read or set sessionkey cookie
- UI: it no longer needs to return g_sessionKey value in the API requests, though
to support a sso mechanism g_sessionKey is still passed in the API is not null
- Secure jsessionid cookie is set to be HttpOnly and Secure
- SAML login should also set HttpOnly cookie before redirecting to UI
- SAML: listIdps & getSPMetadata APIs are readonly now, won't log out a logged in user
Performed tests (login, saml login if applicable, page refreshes, opening
multiple tabs, logout) with following combinations:
- SAML disabled, normal auth as admin, domain-admin and user
- SAML enabled, normal auth as admin, domain-admin and user; and saml sso as
admin, domain-admin and user
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
This closes#574
This closes#308
