Bug 807408

Summary: Xulrunner 10 and greater based ESC Can not display external enrollment UI
Product: [Retired] Dogtag Certificate System Reporter: Jack Magne <jmagne>
Component: TPSAssignee: Jack Magne <jmagne>
Status: CLOSED EOL QA Contact: Ben Levenson <benl>
Severity: medium Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: aakkiang, alee, jmagne, nkinder, rpattath
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-03-27 19:41:02 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 530474    
Attachments:
Description Flags
On RHEL 5.8 with z-stream patches SO workstation throwing error when format card is clicked..
none
Screen shot of external UI display problem during enrollment. none

Description Jack Magne 2012-03-27 17:33:10 UTC 
Description of problem:


ESC provides means of displaying customized external HTML based token enrollment UI. The purpose of this feature is to allow the customer to produce customized UI with some of their own branding. This feature is also used in the special Security Officer Mode.

After experimenting with a version of ESC on Linux using the latest 10 series of Xulrunner, this UI does not display properly. This could be due to an error in the markup for which the new Gecko engine does not tolerate or possibly some tighter security restrictions on HTML scripting making use of ESC's local XPCOM components used to detect and enroll actual tokens. More investigation will be needed to diagnose the exact cause.
Comment 1 Jack Magne 2012-03-29 21:05:07 UTC 
Turns out that the latest Gecko has an issue with the "progressmeter" tag in the /var/lib/pki-tps/cgi-bin/home/Enroll.html file.

Removing the "hidden=true" attribute allows the file to be displayed and for it to work properly.
Comment 2 Asha Akkiangady 2012-03-30 19:11:09 UTC 
Security officer station functions are not working on RHEL 5.8., for example, login to the SO work-station and click on the "Format Card" throws error message "Can't get UniversalXPConnect: TypeError: Components.classes['@redhat.com/rhCoolKey'] is undefined".

Possibly related to the issue that Jack mentioned in the description. Screen shot attached.
Comment 3 Asha Akkiangady 2012-03-30 19:13:36 UTC 
Created attachment 574078 [details]
On RHEL 5.8 with z-stream patches SO workstation throwing error when format card is clicked..

$ rpm -q esc coolkey firefox xulrunner
esc-1.1.0-13.el5_8.2
coolkey-1.1.0-15.el5
firefox-10.0.3-1.el5_8
xulrunner-10.0.3-1.el5_8
Comment 4 Asha Akkiangady 2012-03-30 19:38:28 UTC 
Created attachment 574083 [details]
Screen shot of external UI display problem during enrollment.
Comment 5 Roshni 2013-04-03 17:59:11 UTC 
Noticed the issue on ESC RHEL 6.4z errata
Comment 7 Roshni 2016-09-16 18:14:42 UTC 
Using pki-tps-10.3.3-9.el7pki.x86_64 seeing the following error when clicked on the auto enrollment button

"Problem loading Phone Home Information, check your network connection, re-insert the card, and try again!"