1. (breaking changes) hawkbit.server.ddi.security.rp.cnHeader and sslIssuerHashHeader are renamed to controllerIdHeader and authorityHeader correspondingly.
2. (breaking changes) their default values are changed: X-Ssl-Client-Cn -> X-Controller-Id and X-Ssl-Issuer-Hash-%d -> X-Authority
3. Now the authority header configuration is not a string forma but just a string. The implemenation checks for this header as comma or ; separated list or seeks for header iteration <authority_header>-%d (iteration starts from 0 or 1
4. Doc fixed
5. As there are breaking changes configuration changes may be needed: a) with changing the hawkbit.server.ddi.security.rp you could turn back the previous default headers (note X-Ssl-Issuer-Hash-%d shall now be X-Ssl-Issuer-Hash), or b) you may change the headers sent by the reverse proxy
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
* Fix some compile warnings
* Some classes made final
* JPA entities made not serializable
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
* Refactor hawkbit core and security
* improve access to the base core features - static
* thus easiear access
* and less boilerplate passing of instances
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
* Refactor context classes
* make JSON context serialization default
* AccessContext
* Split hawkbit-security-core to other modules and remove it
---------
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
Remove Java security context serialization - it is replaced by JSON security context serialization (optimized as size). Backward incompatible change.
Java security context serialization was not used in default hawkbit runtime out of the box. So, it's assumed none uses it.
Anyway, if anyone has enabled it, he could, in order to keep backward compatibility, get the java security context serialization from the previous hawkbit releases/commits and register it again as a spring bean in his hawkbit extension.
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
* Add support for pollingTime overrides
* the current format HH:mm:ss is still supported
* add option for deviation percent (HH:mm:ss~\d{1,2}%) which allows the system to do some randomizing of the poll interval
* add support for overriding default polling time interval for devices matching some RSQL filters (in order), e.g. 01:00:00~10%, group == 'eu' -> 00:02:00~15%, status != in_sync -> 00:05:00
* IMPORTANT: overdue time is calculated according to the default polling time. So, the overdue status might be incorrect for targets with overridden poll interval
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
* Remove min polling time from the tenant config - it is a system configuration
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
* Add support for bigger poll intervals and overdue + duration format config support
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
---------
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
