Metacat

lookup the correct property for keystore file

use HttpClient to set up SSL connection when doing replication calls -- this will use the server's configured certificate as the client certificate on the request. The server it is calling can then inspect that certificate and decide whether or not it trusts the caller.

check client-provided certificate when servicing ReplicationServlet requests.

Add updateReplicationMetadata() to the CN service implementation. This was missing from the API, and likely never called. It fully replaces the given replica item in the list of replicas in system metadata.

getReplica() should log replication events as DataONE Types.Event.replicate (vs 'getreplica')

Minor indentation cleanup.

Modify isAuthorized() to get the most up to date system metadata from the hzSystemMetadata map.

Add a placeholder setAccessPolicy() method in MNodeService that throws NotImplemented since this method is being deprecated. Note: need to confirm that this shouldn't be calling D1Client.getCN().setAccessPolicy().

Update getSystemMetadata() to lock(); get(); unlock() to ensure we have the latest version of system metadata from the hzSystemMetadata map. Remove the setAccessPolicy() method since it is being deprecated in the MNAuthorization API.
change insertSystemMetadata() to use a finer grained Date object on insertion. Locking of the pid happens in the subclass prior to the insert.

Add setAccessPolicy() to CNodeService since the CN should only make changes to access policies for objects registered with the D1 system. Increment the serial version after locling and getting the most up to fdate system metadata.
Note: CCIT meeting decision says the serial version of the system metadata (during the change) should equal the current serial version, but setAccessPolicy() does not pass in the entire system metadata object, so there's no way to check. For now, increment the latest system metadata from the hzSystemMetadata map.