new configuration version

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/etc/nevis/k8s-nevisauth-ac27dd7daad0ca2b7229bfaf.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   type: "NevisAuth"
   replicas: 1
-  version: "8.2405.2"
+  version: "8.2411.1"
   gitInitVersion: "1.3.0"
   runAsNonRoot: true
   ports:
@@ -45,7 +45,7 @@ spec:
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-012b3edc35a12cc7deab7ef71a4e2da21b6d5d0a"
+    tag: "r-b674d74c7f0ca9297d32d0956ea52006e353411b"
     dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth"
     credentials: "git-credentials"
   keystores:

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/keys/own/operations-admin-signer-pem-key-store/key.pem

@@ -1,54 +1,54 @@
 -----BEGIN ENCRYPTED PRIVATE KEY-----
-MIIJqzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQUSFveca6jQvyQEDNp
-+SAa7cjgsZkCAggAMB0GCWCGSAFlAwQBKgQQPi0Fa+RJi5NQGegMJMlKbgSCCVBo
-Yddg8FtVvQgWXWua1XzMpgUiHO8p2/Ka1YnJ5UyoEbhuMD53IFCUVBR8Dh0p5QQR
-5+3z5KJ7neLtAMAtFb/rdvupGhLqzIBLOTbPLOi3B9gmnzxMRiLbPsgk5jPMG/Xw
-0KNMOnuKaf4qsGTmBowDIXwahklFFM7USmocxx27zHLjjM+XJecHhOp2kwPMQvts
-2G0MrYs8+ZdWMOIlgQwxJnCnHmJIaP48ZvrByxR3dNYG8/nhxx/mKx2Qvmd4I4co
-whJQxa2o/3RqAQuRxckHa2ohzwxhRpPT2peEMtvuKJ7OtPY2dfkLVm0yCjOV6Bvw
-0O9U3h2NKU9Bk1LVVLqbe6tpWQ/8BPAO5nEn+yU5wP3UbrVKTkTlSYMB5CuG0ZYR
-62G4esxb7T+zKfkqES68Pzl5KNhaOhBeqmaXAcdryNYsPSVtLX8h+Wjqak0IbTGp
-bD3T2CGa6JYm9h2FamcNzsUhlEDcDglsvq1sH7KTIJMwGdNwqPpb/bHUaWw6X3Kz
-AvvP0c4y/bmu02C2PQ2G4BxI/0lBlCzvvwsoqK/NqcyK/d9ffMH1zK2vTErIRroT
-6fJOAWiNcz1FhuKjZwtH3NQjHtf20YfmGfBx/CBdxnryvIoD+S8uxZojbGGnH/F4
-qgofCAUxKzATt785ELa8XGsIaTRT4N2vm9TIbzpWAKVx0/GnOu7cIdCUDwD9TNGg
-eZzCSRkPjXSE6i0QODA7LRxJEfVsWOjOI96sn3qiBjm0ZgrKdwivNQiOyHI58wJR
-tpT7PgjLGVhy0iVZWm597BNq/wJi4DjshkcixVhYNVi7qXgUd2hsS3oCn8EzJvbO
-UmzBuTlYkf+AfQMnE2VVCNtPd4V7a1nTJC80uxoqa+GrMBtwqs1Xf8k4cbZDBXBR
-EOTWF3QhbZachtLkvrNBDfZvj9142PtN6yskRZnSrPNeKYUD1pucOvpqR/AYwqkl
-fdTzAcuJK7Xrsq6h0lduEeV94VUZU7q3oledjCLK41bp4JdV9eOxYt96Qszx6/eA
-tTFPTwvRb3SotqwMNhsZIgGb5YKf18n9z59qzAb4komHwYSFMN+6dxyyOqb+ecm9
-WbGFUji7VaXaAyIfdmGQcyT44wiD0AZ9o8nQ9GZjwwQgy9BpKJbWtaPmBmlw6Eqr
-nTxDtze6+MfifdO/tRgGq56Oe0Wag+OWk5k4dnst/oZ7QczLx5C1ycsq7ebpZJon
-p8CHw5biOLHPuQQpWEQv3T1isZit9R3kNDu9c+6+TsaFZWdw6cCvhI6zK4j9fQu9
-AS1Ab+kabk5Xs/XXQxzB+W2LagK7/jYX8Du/zLTWXfGQnSlu5iZuQiFFzQcR93kS
-XGlo5FoB/m4tA4vi7j3NV6piKmnuwsK7Mmuxaki3ZDJeVzJ3h01Yzd+mK8cneQB9
-72j3wQycpcCJX58iNebTUpdpdJ6X3DSh/zjb3HtrAQ6s8AQCagpuP9DMyCFzGShL
-4a/g8NzN0+sS/LlDx+0im8YAnGkOLkepWTatmbtzW8qYH+vMlAn8hm3Tt/hYlBhg
-FLJAQxdpahgGfUhnvxHZwiUP8LFy044DSRf0rb5065K62jhGwASZX/2qFnH/z31L
-GVeDzFET66rSeJr0QXMRWoAPZMLZEH6KPPYDx0uvzFQNvX5V7lzQr+bzlMQMEVuw
-JeGhwB1Cv9HE5+JE0W7dEeVkXpW91zx6AG3fq1fWngolWhbNDWEw6k3mMOfsUGcd
-dVtxakzhNEpErILAUZga9g6L7XTjAwy3f5koLl5GgPHl0e0RC9NaxTmJQvR4BBEj
-tpJLM8/PWMeozIGiDt/hHF80UWLLp/qF4tKHHGDfCquADlbP4n5KeU7NGgbtZqo1
-6QWGSUUG2xeRWLLVU+RquucfLhPbWmtM5MmtUAoDyXsj/g2Ofj8dHJkFvQjfMDXX
-xZ8DSabCOaqoA2ld5VXKfDG/QmStb0x1MKue8/v55FkBbOo5jTdAgEyi29+nF7Lo
-DmIM/Z7H2TR0RIoFltKDm6h3YUgMT80idYWXIFf5J+2JKAdcUP0bzAZEEcsvBEEU
-YrqyKM3R8JurQsXYyGx3upaxxljDLuLln8uXGUhqEdOXhzzK8cSb7LnQnLqU7OVA
-IcFb5OgB5qlIs/p3LnI/Lkec4xpledh+xHRG5ADo+/MD1QIwGYvIcgV9/M2UtGEm
-HAz8RAMnZlnBgvgbzaOax01ls8pLCOyYT5qWjWvAEldop4AOWnnjkkuj89xNrzFA
-TJj1Z/2dhNJcJyvLQ6GNI5cyI1Y/cQ7UbBffoUmsMGVmwznlwD2ezIVP/KgSuahs
-G1hT4D08c9Q6rF/dxO3Ithqlmk0AIUO949fiQsw6961QBET1Ttde9BCXg1UeZ9WY
-1mCU6moNzO9HLPo9FFYQfF5e/LFkyBaraZHzuK2qZTnWXPu/vrHCsKeJAcVy2+X+
-h5l3r0UICa33+r4DnxUnx1w6/NDZOkNBXTPBkEjL9n7os6fpxqcrqFCEFfPEzjJS
-Si7scPe0OVVBSSFIGfSUewp12Z42a6WVQjGcAo3bSBioed+Vau7dsQhGfnFkdlEz
-8ShzLpsCXn1+WnIGJ+Mnp1Eq9SRrLWVvhfK3+nuD+IOQS+Mdy6lZwv7Sh8aw1dah
-E2lOCLOVZ5Gq2J+RmW9Mfc+XPt+mtgogIPVrB7/zg5iZblarjkNEE/xfgwF7XYRA
-rzNDOVArYvnupq76BC606M+KrgUVNC4iUiA31o8LE/VN+Hb47LGmE9yw2HDgdYjq
-QBnsf922zKJdtSdhcnJjKh540LpkMuMxHkBeYgzqGtRca93LIVOeuu/gHZ08Vy0g
-FsvnSZ2YON2V7mKBM4Mr6PYioysIghFnItOcpybvm+qezmcG8E5icgMqgU9Xx3E0
-6VYlNineY5LCyVNxahrOPI1lpn7+y0aXqcDmeV844R9sETRK5CtRrD44ZU6blpmp
-ozqgrXTFGxdmhFIvh4YbmRx8tlPm2O8j3a62d2l8dD+wb6+pSOPdWy8nlZOKNTnu
-e6+lduIiWz5k9I6i5t5HRFF9Ks3Y9BCWlztvPR/YtKGjb9KWr9Y6Qlusrjhqi+7m
-Fh8JEy86X6HEZ4HjubYhncujckM9rUD7vpY9c1a1F0yPUbNHx6/lm0NkvSNaTtyX
-N3AZ41ui96b5jUOgiw2AqyV2NXn35JZnmS0pe/Sjbw==
+MIIJqzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQUujopyT0FuTlG+R4N
+omkAllyXmcoCAggAMB0GCWCGSAFlAwQBKgQQ68fHgrZau00ycJ4NBG2rzASCCVB+
+gm97GPsSe7WQk9sZeeRDc5ZAzFdyOPOKnTk0WReH1O58KQkfA4N5OsMhHZvRCKDo
+SLWcPvJbl0qD+0RwSHVlQIlNVEMQ/97eitmtWug6rHIzQTX6RS2qJsek2A1DSDIT
+nbwzm8Ep5WeSi3ejXDi19u9b45phjlC9tk+tQ+VS6eOA1bOp0aZoPV4difU+MZGv
+273lcyXwhXRg46qI7OUWlXe7X8xwVUzrtndS60GXWNgO42nYYe8cPchLXllaIizi
+ZeI288nAVucbR6DdOBs8GOJ6QIYyMFIiH0IaD0eQk4rt6/Qc4C1UBgDhWZgGWqv3
+jVL4jvJp9BF5vCOKnu+dk0+eRDjExqgyHtQUHd0COEeufEifNII+ll0Lq85dCcLr
+TgYCFYqByou/po4B1bneIEPXJMbyDFS22MxDa1y8fsKjvDqxxfltnOGoWB8u/N0q
+wUD050q4q2JD5xX0cvGGEYMcvYOgt4zvTAWqoHGZ0cG+ufrvwpClDgk2FywiIEwo
+0L97iqjEsI7EoW73lIyfmB2P2DaJ6Hyrxpiaf2Xcg/ehWyD7o4pqunexnT6N3s0J
+f7cAsbpl3U6RVlNhR2U/2W9KjU8EqEnYgdcW2qDmlrGKI9p0FpqjnDzwxGIFcpXU
+GnFQhyDRQBE0FNQQTj6f/GeP4XseRDc+8dQsyFEwAraxP+Ebr8xNwshMZxTzYvIy
+vXMfTAKOD2Nl0FiHW335tJOxRbPoyiIS+5oy3VVxxWLVEBvTl8Dh514w8R13295G
+oJg1RScaTigbQdTK9oVhwGKmezmEBInqgA2VftnTxD2v7vJhIf8cpEH6MpR1iR+J
+jTz3bc9Xtaf/ZbPmN/1p6PqZuCaDT/RZiUuBHOEN6wLRMrx3wnC5NeztPiGJ/lnX
+auvfFllFLD2nNiWLSXH/ew0m3zRDsTcHxtWlbPFi4FMmxKJa/1siRBF6tMe9ASPC
+JXIUz4t86057dUjG/xBU1w4KZeVrshhHSy/SUF2/a5INsPc3VXVV4s0iRiqX/yDG
+dU2Z+wbrxWccm2Qb+6RO7cr8/EcDi7G+5kxrnhEcUnBXbpO8TKBqHUmyCZRz2mP3
+2n17PqfGTHS1P0O5e5xvQkA5E+s4gvJoxFwn23p5WMTUJ1ATZwDkF9HIc0kLaKR/
+tFl2y9/1DDkvDryrPwVtwq37mfUuI/rhGdTKUk7pKpm8iI+QW1IHffCrFBMOWSi5
+E9dhmVYpQ//yULkmFrC2bRQ/4KyKw3j7fHd4ytAXRy6Ja7uyHcz+7z/lbUDnAZ+R
+fYncBSZvRRkB8Xwn+FbPWQCwli6qJFFxizpn9WcS9nYx0lMb6jwruqA79+KRZqHk
+/OvG1sN76Y4SCjd4QSclV0X6Y5xf+WgTt4XFzew9BeYAocOuiXfo9jVDCfXaP7pd
+4TKuRq4UHaRlnJYXQVRsw05EEmtA8k6AxIYLaJnmuvzzUxp4grKUOAneL6MAI1xf
+Zr1yU2tqPi7TRmv0dUhqCJ88Rzkdy5yMBNfgR5xQQBGoQhUgZ9zjc4IVdGgdTI1I
+EsxZUs3FwQ1WAes9hIY+W5BEB9qSzsWXAxOtxsvHO240fXyC7GAMVgK/RB1087oc
+1X/QkqqYYB0NaJm2bjwguVhdPg+HP4c0Y2Xk0mkeEAADAZ3SEC+HcZpsNQX6cFIP
+7LhD0ALMZBuvnB+eeAfqUhBVPFX+BIssAI8Bb7CaJkKzMbYp8TrAiEFOKF1WF/G3
+v4Z0YDkzXfVYrFcJt7QRSSRIrW7PnJaQUooFueBVw6/zsZtz8w1TcEYD0Jz6im/Z
+SwV2HGTEdhfWSCAddwwZx+KyzcN5wi8RPPkh25tZ5SLNZc4xhm1WFHWtTikKNsPg
+VyOd26JIS4DfVexuEATLFk0VA0BG+ubmOVOo0kDOCOsDfu5i4jrikbgG/eO+sF8k
+olb6VdbhVi53xP8ZhLfoS5zvy8RIMf3zmshoCvA0taHfXqiZXFltewBrVpiowpzi
+TzHiXwvmyJwAIW1C1S+c3hi+yb82lSJ/cwg5B7LYC2YqHKNsxmMfjMGkXqGIPln6
+w6EOMtYRqxeaA5b6Srjs9QblrbPNlFjHrRB8pwSvH3n1kE4L1yFTkvp+KhvErC+d
+2Whlm5TcWlN6yORandx10efegrJuOtJezjuvRptC+FImvjRS7Ud9TnZC3YIrE6Az
+WpdVuYajFx3hbj7OcMQ9wTxS0j695jtS/4S4n77Dwazw+HWPZMoyyXLFVmCKEgs9
+LrqPniVYR9LB+4qcvbVIkjLgfsCQ7/HdKv0/inXWH8HIcmqFWEbEKkqP+VWKg3JJ
++7hIs0mWpMkvRSMMblijE5iwzllzq3PZWj1bhPG9sgCo9MHmP/77ODQZjpq4oDxR
+uTCVUU+TRz9D+6IIvyT7f8WAi8eDl+oYBNiklD61ACUs+2fx4FboMdVeEEjwVOVA
+Z1+rDbB9BBt8CTe/dYsWJlaS2gAUiu+ONsnUZCY5RjaQvj91M5o1MiIsp6o0ogIq
+aVM5bkq8JTKsf7+sAtZPMySMZ5mK4UGXetgj9kp+f8STw7HWe7qvcWiqW8RhaFbs
+qiHIbyuMK789pMhDXa808+0r4sh8px++UCfnyjJZxzG4WUgRaY7Lj4CtB3bSTm3u
+Qr2tj8B6hgmQQOt6yQEasHzJ6mG/RW7m1TcnNTo1KpuO4Zw/PbLreCqG3UMUpmgJ
+b3gHBxHyf5vzgq/ZHJ24j+98ygXMa1eEgA6zPZtz39VsRLC39E6lZ+344USrpmVm
+QVS6qL4paAKbhMlLxBhwQVMjT1yUDPk5r2KbVfRZr1zMIf2FHoVRAN0JrtPuBO9p
+Qm2RBmoCQ65x3ZZhS7+Q2nWkbZnzl9bGzRI0HE/US6C3gTN8r125Q1qZlbgIELQY
+zHOS1KvjAGda8t37Ka+tJRInQ6k5iFfbShvx32H6fC6hEl2afme/G63g28YMLYZE
+9mN3rjj2/beboOA689qigBvfxHkLTxoPnleKyxi4daLugtH3/bd68851OwDxqXBm
+8jE+ndhtWakoYgx7zITo1rBMQAqZiXEAlqpl4pinR5xvMaqRDJBM/qlPq508eTgK
+4nz779AZePXg5UiaO62jpB9MZ4AfJqUSdvRZ07vSa0Ik5534euxCT5TfxzgHTkN1
+8p1vaXL9k38J2dOPv9mEGk/9t6dhX/uMl9x3Ionw2Q==
 -----END ENCRYPTED PRIVATE KEY-----

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/keys/own/operations-admin-signer-pem-key-store/keystore.pem

@@ -1,56 +1,56 @@
 -----BEGIN ENCRYPTED PRIVATE KEY-----
-MIIJqzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQUSFveca6jQvyQEDNp
-+SAa7cjgsZkCAggAMB0GCWCGSAFlAwQBKgQQPi0Fa+RJi5NQGegMJMlKbgSCCVBo
-Yddg8FtVvQgWXWua1XzMpgUiHO8p2/Ka1YnJ5UyoEbhuMD53IFCUVBR8Dh0p5QQR
-5+3z5KJ7neLtAMAtFb/rdvupGhLqzIBLOTbPLOi3B9gmnzxMRiLbPsgk5jPMG/Xw
-0KNMOnuKaf4qsGTmBowDIXwahklFFM7USmocxx27zHLjjM+XJecHhOp2kwPMQvts
-2G0MrYs8+ZdWMOIlgQwxJnCnHmJIaP48ZvrByxR3dNYG8/nhxx/mKx2Qvmd4I4co
-whJQxa2o/3RqAQuRxckHa2ohzwxhRpPT2peEMtvuKJ7OtPY2dfkLVm0yCjOV6Bvw
-0O9U3h2NKU9Bk1LVVLqbe6tpWQ/8BPAO5nEn+yU5wP3UbrVKTkTlSYMB5CuG0ZYR
-62G4esxb7T+zKfkqES68Pzl5KNhaOhBeqmaXAcdryNYsPSVtLX8h+Wjqak0IbTGp
-bD3T2CGa6JYm9h2FamcNzsUhlEDcDglsvq1sH7KTIJMwGdNwqPpb/bHUaWw6X3Kz
-AvvP0c4y/bmu02C2PQ2G4BxI/0lBlCzvvwsoqK/NqcyK/d9ffMH1zK2vTErIRroT
-6fJOAWiNcz1FhuKjZwtH3NQjHtf20YfmGfBx/CBdxnryvIoD+S8uxZojbGGnH/F4
-qgofCAUxKzATt785ELa8XGsIaTRT4N2vm9TIbzpWAKVx0/GnOu7cIdCUDwD9TNGg
-eZzCSRkPjXSE6i0QODA7LRxJEfVsWOjOI96sn3qiBjm0ZgrKdwivNQiOyHI58wJR
-tpT7PgjLGVhy0iVZWm597BNq/wJi4DjshkcixVhYNVi7qXgUd2hsS3oCn8EzJvbO
-UmzBuTlYkf+AfQMnE2VVCNtPd4V7a1nTJC80uxoqa+GrMBtwqs1Xf8k4cbZDBXBR
-EOTWF3QhbZachtLkvrNBDfZvj9142PtN6yskRZnSrPNeKYUD1pucOvpqR/AYwqkl
-fdTzAcuJK7Xrsq6h0lduEeV94VUZU7q3oledjCLK41bp4JdV9eOxYt96Qszx6/eA
-tTFPTwvRb3SotqwMNhsZIgGb5YKf18n9z59qzAb4komHwYSFMN+6dxyyOqb+ecm9
-WbGFUji7VaXaAyIfdmGQcyT44wiD0AZ9o8nQ9GZjwwQgy9BpKJbWtaPmBmlw6Eqr
-nTxDtze6+MfifdO/tRgGq56Oe0Wag+OWk5k4dnst/oZ7QczLx5C1ycsq7ebpZJon
-p8CHw5biOLHPuQQpWEQv3T1isZit9R3kNDu9c+6+TsaFZWdw6cCvhI6zK4j9fQu9
-AS1Ab+kabk5Xs/XXQxzB+W2LagK7/jYX8Du/zLTWXfGQnSlu5iZuQiFFzQcR93kS
-XGlo5FoB/m4tA4vi7j3NV6piKmnuwsK7Mmuxaki3ZDJeVzJ3h01Yzd+mK8cneQB9
-72j3wQycpcCJX58iNebTUpdpdJ6X3DSh/zjb3HtrAQ6s8AQCagpuP9DMyCFzGShL
-4a/g8NzN0+sS/LlDx+0im8YAnGkOLkepWTatmbtzW8qYH+vMlAn8hm3Tt/hYlBhg
-FLJAQxdpahgGfUhnvxHZwiUP8LFy044DSRf0rb5065K62jhGwASZX/2qFnH/z31L
-GVeDzFET66rSeJr0QXMRWoAPZMLZEH6KPPYDx0uvzFQNvX5V7lzQr+bzlMQMEVuw
-JeGhwB1Cv9HE5+JE0W7dEeVkXpW91zx6AG3fq1fWngolWhbNDWEw6k3mMOfsUGcd
-dVtxakzhNEpErILAUZga9g6L7XTjAwy3f5koLl5GgPHl0e0RC9NaxTmJQvR4BBEj
-tpJLM8/PWMeozIGiDt/hHF80UWLLp/qF4tKHHGDfCquADlbP4n5KeU7NGgbtZqo1
-6QWGSUUG2xeRWLLVU+RquucfLhPbWmtM5MmtUAoDyXsj/g2Ofj8dHJkFvQjfMDXX
-xZ8DSabCOaqoA2ld5VXKfDG/QmStb0x1MKue8/v55FkBbOo5jTdAgEyi29+nF7Lo
-DmIM/Z7H2TR0RIoFltKDm6h3YUgMT80idYWXIFf5J+2JKAdcUP0bzAZEEcsvBEEU
-YrqyKM3R8JurQsXYyGx3upaxxljDLuLln8uXGUhqEdOXhzzK8cSb7LnQnLqU7OVA
-IcFb5OgB5qlIs/p3LnI/Lkec4xpledh+xHRG5ADo+/MD1QIwGYvIcgV9/M2UtGEm
-HAz8RAMnZlnBgvgbzaOax01ls8pLCOyYT5qWjWvAEldop4AOWnnjkkuj89xNrzFA
-TJj1Z/2dhNJcJyvLQ6GNI5cyI1Y/cQ7UbBffoUmsMGVmwznlwD2ezIVP/KgSuahs
-G1hT4D08c9Q6rF/dxO3Ithqlmk0AIUO949fiQsw6961QBET1Ttde9BCXg1UeZ9WY
-1mCU6moNzO9HLPo9FFYQfF5e/LFkyBaraZHzuK2qZTnWXPu/vrHCsKeJAcVy2+X+
-h5l3r0UICa33+r4DnxUnx1w6/NDZOkNBXTPBkEjL9n7os6fpxqcrqFCEFfPEzjJS
-Si7scPe0OVVBSSFIGfSUewp12Z42a6WVQjGcAo3bSBioed+Vau7dsQhGfnFkdlEz
-8ShzLpsCXn1+WnIGJ+Mnp1Eq9SRrLWVvhfK3+nuD+IOQS+Mdy6lZwv7Sh8aw1dah
-E2lOCLOVZ5Gq2J+RmW9Mfc+XPt+mtgogIPVrB7/zg5iZblarjkNEE/xfgwF7XYRA
-rzNDOVArYvnupq76BC606M+KrgUVNC4iUiA31o8LE/VN+Hb47LGmE9yw2HDgdYjq
-QBnsf922zKJdtSdhcnJjKh540LpkMuMxHkBeYgzqGtRca93LIVOeuu/gHZ08Vy0g
-FsvnSZ2YON2V7mKBM4Mr6PYioysIghFnItOcpybvm+qezmcG8E5icgMqgU9Xx3E0
-6VYlNineY5LCyVNxahrOPI1lpn7+y0aXqcDmeV844R9sETRK5CtRrD44ZU6blpmp
-ozqgrXTFGxdmhFIvh4YbmRx8tlPm2O8j3a62d2l8dD+wb6+pSOPdWy8nlZOKNTnu
-e6+lduIiWz5k9I6i5t5HRFF9Ks3Y9BCWlztvPR/YtKGjb9KWr9Y6Qlusrjhqi+7m
-Fh8JEy86X6HEZ4HjubYhncujckM9rUD7vpY9c1a1F0yPUbNHx6/lm0NkvSNaTtyX
-N3AZ41ui96b5jUOgiw2AqyV2NXn35JZnmS0pe/Sjbw==
+MIIJqzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQUujopyT0FuTlG+R4N
+omkAllyXmcoCAggAMB0GCWCGSAFlAwQBKgQQ68fHgrZau00ycJ4NBG2rzASCCVB+
+gm97GPsSe7WQk9sZeeRDc5ZAzFdyOPOKnTk0WReH1O58KQkfA4N5OsMhHZvRCKDo
+SLWcPvJbl0qD+0RwSHVlQIlNVEMQ/97eitmtWug6rHIzQTX6RS2qJsek2A1DSDIT
+nbwzm8Ep5WeSi3ejXDi19u9b45phjlC9tk+tQ+VS6eOA1bOp0aZoPV4difU+MZGv
+273lcyXwhXRg46qI7OUWlXe7X8xwVUzrtndS60GXWNgO42nYYe8cPchLXllaIizi
+ZeI288nAVucbR6DdOBs8GOJ6QIYyMFIiH0IaD0eQk4rt6/Qc4C1UBgDhWZgGWqv3
+jVL4jvJp9BF5vCOKnu+dk0+eRDjExqgyHtQUHd0COEeufEifNII+ll0Lq85dCcLr
+TgYCFYqByou/po4B1bneIEPXJMbyDFS22MxDa1y8fsKjvDqxxfltnOGoWB8u/N0q
+wUD050q4q2JD5xX0cvGGEYMcvYOgt4zvTAWqoHGZ0cG+ufrvwpClDgk2FywiIEwo
+0L97iqjEsI7EoW73lIyfmB2P2DaJ6Hyrxpiaf2Xcg/ehWyD7o4pqunexnT6N3s0J
+f7cAsbpl3U6RVlNhR2U/2W9KjU8EqEnYgdcW2qDmlrGKI9p0FpqjnDzwxGIFcpXU
+GnFQhyDRQBE0FNQQTj6f/GeP4XseRDc+8dQsyFEwAraxP+Ebr8xNwshMZxTzYvIy
+vXMfTAKOD2Nl0FiHW335tJOxRbPoyiIS+5oy3VVxxWLVEBvTl8Dh514w8R13295G
+oJg1RScaTigbQdTK9oVhwGKmezmEBInqgA2VftnTxD2v7vJhIf8cpEH6MpR1iR+J
+jTz3bc9Xtaf/ZbPmN/1p6PqZuCaDT/RZiUuBHOEN6wLRMrx3wnC5NeztPiGJ/lnX
+auvfFllFLD2nNiWLSXH/ew0m3zRDsTcHxtWlbPFi4FMmxKJa/1siRBF6tMe9ASPC
+JXIUz4t86057dUjG/xBU1w4KZeVrshhHSy/SUF2/a5INsPc3VXVV4s0iRiqX/yDG
+dU2Z+wbrxWccm2Qb+6RO7cr8/EcDi7G+5kxrnhEcUnBXbpO8TKBqHUmyCZRz2mP3
+2n17PqfGTHS1P0O5e5xvQkA5E+s4gvJoxFwn23p5WMTUJ1ATZwDkF9HIc0kLaKR/
+tFl2y9/1DDkvDryrPwVtwq37mfUuI/rhGdTKUk7pKpm8iI+QW1IHffCrFBMOWSi5
+E9dhmVYpQ//yULkmFrC2bRQ/4KyKw3j7fHd4ytAXRy6Ja7uyHcz+7z/lbUDnAZ+R
+fYncBSZvRRkB8Xwn+FbPWQCwli6qJFFxizpn9WcS9nYx0lMb6jwruqA79+KRZqHk
+/OvG1sN76Y4SCjd4QSclV0X6Y5xf+WgTt4XFzew9BeYAocOuiXfo9jVDCfXaP7pd
+4TKuRq4UHaRlnJYXQVRsw05EEmtA8k6AxIYLaJnmuvzzUxp4grKUOAneL6MAI1xf
+Zr1yU2tqPi7TRmv0dUhqCJ88Rzkdy5yMBNfgR5xQQBGoQhUgZ9zjc4IVdGgdTI1I
+EsxZUs3FwQ1WAes9hIY+W5BEB9qSzsWXAxOtxsvHO240fXyC7GAMVgK/RB1087oc
+1X/QkqqYYB0NaJm2bjwguVhdPg+HP4c0Y2Xk0mkeEAADAZ3SEC+HcZpsNQX6cFIP
+7LhD0ALMZBuvnB+eeAfqUhBVPFX+BIssAI8Bb7CaJkKzMbYp8TrAiEFOKF1WF/G3
+v4Z0YDkzXfVYrFcJt7QRSSRIrW7PnJaQUooFueBVw6/zsZtz8w1TcEYD0Jz6im/Z
+SwV2HGTEdhfWSCAddwwZx+KyzcN5wi8RPPkh25tZ5SLNZc4xhm1WFHWtTikKNsPg
+VyOd26JIS4DfVexuEATLFk0VA0BG+ubmOVOo0kDOCOsDfu5i4jrikbgG/eO+sF8k
+olb6VdbhVi53xP8ZhLfoS5zvy8RIMf3zmshoCvA0taHfXqiZXFltewBrVpiowpzi
+TzHiXwvmyJwAIW1C1S+c3hi+yb82lSJ/cwg5B7LYC2YqHKNsxmMfjMGkXqGIPln6
+w6EOMtYRqxeaA5b6Srjs9QblrbPNlFjHrRB8pwSvH3n1kE4L1yFTkvp+KhvErC+d
+2Whlm5TcWlN6yORandx10efegrJuOtJezjuvRptC+FImvjRS7Ud9TnZC3YIrE6Az
+WpdVuYajFx3hbj7OcMQ9wTxS0j695jtS/4S4n77Dwazw+HWPZMoyyXLFVmCKEgs9
+LrqPniVYR9LB+4qcvbVIkjLgfsCQ7/HdKv0/inXWH8HIcmqFWEbEKkqP+VWKg3JJ
++7hIs0mWpMkvRSMMblijE5iwzllzq3PZWj1bhPG9sgCo9MHmP/77ODQZjpq4oDxR
+uTCVUU+TRz9D+6IIvyT7f8WAi8eDl+oYBNiklD61ACUs+2fx4FboMdVeEEjwVOVA
+Z1+rDbB9BBt8CTe/dYsWJlaS2gAUiu+ONsnUZCY5RjaQvj91M5o1MiIsp6o0ogIq
+aVM5bkq8JTKsf7+sAtZPMySMZ5mK4UGXetgj9kp+f8STw7HWe7qvcWiqW8RhaFbs
+qiHIbyuMK789pMhDXa808+0r4sh8px++UCfnyjJZxzG4WUgRaY7Lj4CtB3bSTm3u
+Qr2tj8B6hgmQQOt6yQEasHzJ6mG/RW7m1TcnNTo1KpuO4Zw/PbLreCqG3UMUpmgJ
+b3gHBxHyf5vzgq/ZHJ24j+98ygXMa1eEgA6zPZtz39VsRLC39E6lZ+344USrpmVm
+QVS6qL4paAKbhMlLxBhwQVMjT1yUDPk5r2KbVfRZr1zMIf2FHoVRAN0JrtPuBO9p
+Qm2RBmoCQ65x3ZZhS7+Q2nWkbZnzl9bGzRI0HE/US6C3gTN8r125Q1qZlbgIELQY
+zHOS1KvjAGda8t37Ka+tJRInQ6k5iFfbShvx32H6fC6hEl2afme/G63g28YMLYZE
+9mN3rjj2/beboOA689qigBvfxHkLTxoPnleKyxi4daLugtH3/bd68851OwDxqXBm
+8jE+ndhtWakoYgx7zITo1rBMQAqZiXEAlqpl4pinR5xvMaqRDJBM/qlPq508eTgK
+4nz779AZePXg5UiaO62jpB9MZ4AfJqUSdvRZ07vSa0Ik5534euxCT5TfxzgHTkN1
+8p1vaXL9k38J2dOPv9mEGk/9t6dhX/uMl9x3Ionw2Q==
 -----END ENCRYPTED PRIVATE KEY-----
 
 -----BEGIN CERTIFICATE-----

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/env.conf

@@ -3,6 +3,7 @@ RTENV_SECURITY_CHECK=no_shell
 JAVA_OPTS=(
     "-XX:+UseContainerSupport"
     "-Dfile.encoding=UTF-8"
+    "-Dotel.instrumentation.metro.enabled=false"
     "-XX:MaxRAMPercentage=80.0"
     "-Djava.net.preferIPv4Stack=true"
     "-Djava.net.connectionTimeout=10000"
@@ -12,7 +13,7 @@ JAVA_OPTS=(
     "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
     "-Dotel.javaagent.logging=application"
     "-Dotel.javaagent.configuration-file=/var/opt/nevisauth/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2405.2,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2411.1,service.instance.id=$HOSTNAME"
     "-Djavax.net.ssl.trustStore=/var/opt/keys/trust/auth-default-tls-trust/truststore.p12"
     "-Djavax.net.ssl.trustStorePassword=\${exec:/var/opt/keys/trust/auth-default-tls-trust/keypass}"
 )

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/logging.yml

@@ -12,6 +12,8 @@ Configuration:
         onMismatch: "ACCEPT"
   Loggers:
     Logger:
+    - name: "ProductAnalytics"
+      level: "INFO"
     - name: "EsAuthStart"
       level: "INFO"
     - name: "org.apache.catalina.loader.WebappClassLoader"

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth/var/opt/nevisauth/default/conf/nevisauth.yml

@@ -3,6 +3,7 @@ server:
   protocol: "https"
   port: "8991"
   host: "0.0.0.0"
+  max-threads: "200"
   tls:
     keystore: "/var/opt/keys/own/auth-default-identity/keystore.p12"
     keystore-passphrase: "${exec:/var/opt/keys/own/auth-default-identity/keypass}"

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/etc/nevis/k8s-nevisidm-batch-641ac4edf0c17383d3c0ea38.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   type: "NevisIDM"
   replicas: 1
-  version: "8.2405.2"
+  version: "8.2411.1"
   gitInitVersion: "1.3.0"
   runAsNonRoot: true
   ports:
@@ -28,25 +28,25 @@ spec:
     management:
       httpGet:
         path: "/liveness"
-      periodSeconds: 30
+      periodSeconds: 5
       timeoutSeconds: 6
   readinessProbe:
     management:
       httpGet:
         path: "/health"
-      periodSeconds: 30
+      periodSeconds: 5
       timeoutSeconds: 6
   startupProbe:
     management:
       httpGet:
         path: "/health"
-      periodSeconds: 30
+      periodSeconds: 5
       timeoutSeconds: 6
-      failureThreshold: 10
+      failureThreshold: 50
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-204c3ed3f252b12ca8d250caad2ff4905e491e6c"
+    tag: "r-b674d74c7f0ca9297d32d0956ea52006e353411b"
     dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job"
     credentials: "git-credentials"
   keystores:

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/env.conf

@@ -4,5 +4,5 @@ JAVA_OPTS=(
     "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
     "-Dotel.javaagent.logging=application"
     "-Dotel.javaagent.configuration-file=/var/opt/nevisidm/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2405.2,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2411.1,service.instance.id=$HOSTNAME"
 )

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/logging.yml

@@ -20,6 +20,8 @@ Configuration:
         onMismatch: "ACCEPT"
   Loggers:
     Logger:
+    - name: "ProductAnalytics"
+      level: "INFO"
     - name: "ch.nevis.idm.batch.jobs"
       level: "INFO"
       additivity: "false"

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job/var/opt/nevisidm/default/conf/rolesMapping.properties

@@ -1,7 +1,7 @@
 # source: pattern://50d6c91ace65f52fa56d7113
 nevisIdm.TemplateAdmin=AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CollectionView,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.GenerateReport,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertyAttributeAccessOverride,AccessControl.PropertySearch,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.SearchResultsExport,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.HistoryView
 # source: pattern://50d6c91ace65f52fa56d7113
-nevisIdm.UserAdmin=AccessControl.ApplicationView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState.14,AccessControl.CredentialCreate.14,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileCreate,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserCreate,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.CollectionView,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView
+nevisIdm.UserAdmin=AccessControl.ApplicationView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileCreate,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserCreate,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.CollectionView,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView
 # source: pattern://50d6c91ace65f52fa56d7113
 nevisIdm.Root=AccessControl.ApplicationCreate,AccessControl.ApplicationDelete,AccessControl.ApplicationModify,AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationCreate,AccessControl.AuthorizationDelete,AccessControl.AuthorizationModify,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplCreate,AccessControl.AuthorizationApplDelete,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientCreate,AccessControl.AuthorizationClientDelete,AccessControl.AuthorizationClientSearch,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitCreate,AccessControl.AuthorizationUnitDelete,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.BatchJobExecute,AccessControl.BatchJobView,AccessControl.ClientCreate,AccessControl.ClientDelete,AccessControl.ClientModify,AccessControl.ClientApplAssign,AccessControl.ClientApplDelete,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialDelete,AccessControl.CredentialModify,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.PersistentQueueRetry,AccessControl.PersistentQueueDelete,AccessControl.PersistentQueueView,AccessControl.PolicyConfigurationCreate,AccessControl.PolicyConfigurationDelete,AccessControl.PolicyConfigurationModify,AccessControl.PolicyConfigurationSearch,AccessControl.PolicyConfigurationView,AccessControl.ProfileArchive,AccessControl.ProfileCreate,AccessControl.ProfileDelete,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueCreate,AccessControl.PropertyAllowedValueDelete,AccessControl.PropertyAllowedValueModify,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertyCreate,AccessControl.PropertyDelete,AccessControl.PropertyModify,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleCreate,AccessControl.RoleDelete,AccessControl.RoleModify,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.SelfAdmin,AccessControl.UnitCreate,AccessControl.UnitCreateTopUnit,AccessControl.UnitDelete,AccessControl.UnitModify,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserArchive,AccessControl.UserCreate,AccessControl.UserDelete,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.HistoryView,AccessControl.LoginIdOverride,AccessControl.TemplateStore,AccessControl.CollectionView,AccessControl.CollectionCreate,AccessControl.CollectionModify,AccessControl.CollectionDelete,AccessControl.TemplateView,AccessControl.TemplateCreate,AccessControl.TemplateModify,AccessControl.TemplateDelete,AccessControl.TemplateTextView,AccessControl.TemplateTextCreate,AccessControl.TemplateTextModify,AccessControl.TemplateTextDelete,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.CredentialViewPlainValue,AccessControl.DeputyCreate,AccessControl.DeputyDelete,AccessControl.UnitCredPolicyView,AccessControl.UnitCredPolicyCreate,AccessControl.UnitCredPolicyDelete,AccessControl.UserCreateTechUser,AccessControl.UserModifyTechUser,AccessControl.UserDeleteTechUser,AccessControl.UserArchiveTechUser,AccessControl.CredentialPdfView,AccessControl.EnterpriseAuthorizationCreate,AccessControl.EnterpriseAuthorizationDelete,AccessControl.EnterpriseAuthorizationModify,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.AuthorizationEnterpriseRoleCreate,AccessControl.AuthorizationEnterpriseRoleDelete,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.EnterpriseRoleCreate,AccessControl.EnterpriseRoleModify,AccessControl.EnterpriseRoleDelete,AccessControl.EnterpriseRoleSearch,AccessControl.EnterpriseRoleView,AccessControl.EnterpriseRoleMemberCreate,AccessControl.EnterpriseRoleMemberDelete,AccessControl.EnterpriseRoleMemberSearch,AccessControl.PersonalQuestionSearch,AccessControl.PersonalQuestionView,AccessControl.PersonalQuestionCreate,AccessControl.PersonalQuestionModify,AccessControl.PersonalQuestionDelete,AccessControl.LoginIdModify,AccessControl.TermsView,AccessControl.TermsCreate,AccessControl.TermsModify,AccessControl.TermsDelete,AccessControl.ConsentCreate,AccessControl.ConsentView
 # source: pattern://50d6c91ace65f52fa56d7113

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-nevisidm-admin-ba7c7a3b091df0c4b8ba0bb2.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   type: "NevisIDM"
   replicas: 1
-  version: "8.2405.2"
+  version: "8.2411.1"
   gitInitVersion: "1.3.0"
   runAsNonRoot: true
   ports:
@@ -28,25 +28,25 @@ spec:
     management:
       httpGet:
         path: "/liveness"
-      periodSeconds: 30
+      periodSeconds: 5
       timeoutSeconds: 6
   readinessProbe:
     management:
       httpGet:
         path: "/health"
-      periodSeconds: 30
+      periodSeconds: 5
       timeoutSeconds: 6
   startupProbe:
     management:
       httpGet:
         path: "/health"
-      periodSeconds: 30
+      periodSeconds: 5
       timeoutSeconds: 6
-      failureThreshold: 10
+      failureThreshold: 50
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-204c3ed3f252b12ca8d250caad2ff4905e491e6c"
+    tag: "r-b674d74c7f0ca9297d32d0956ea52006e353411b"
     dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm"
     credentials: "git-credentials"
   keystores:

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/env.conf

@@ -4,5 +4,5 @@ JAVA_OPTS=(
     "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
     "-Dotel.javaagent.logging=application"
     "-Dotel.javaagent.configuration-file=/var/opt/nevisidm/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2405.2,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2411.1,service.instance.id=$HOSTNAME"
 )

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/logging.yml

@@ -20,6 +20,8 @@ Configuration:
         onMismatch: "ACCEPT"
   Loggers:
     Logger:
+    - name: "ProductAnalytics"
+      level: "INFO"
     - name: "ch.nevis.idm.batch.jobs"
       level: "INFO"
       additivity: "false"

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/rolesMapping.properties

@@ -1,7 +1,7 @@
 # source: pattern://50d6c91ace65f52fa56d7113
 nevisIdm.TemplateAdmin=AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CollectionView,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.GenerateReport,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertyAttributeAccessOverride,AccessControl.PropertySearch,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.SearchResultsExport,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.HistoryView
 # source: pattern://50d6c91ace65f52fa56d7113
-nevisIdm.UserAdmin=AccessControl.ApplicationView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState.14,AccessControl.CredentialCreate.14,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileCreate,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserCreate,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.CollectionView,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView
+nevisIdm.UserAdmin=AccessControl.ApplicationView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileCreate,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserCreate,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.CollectionView,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView
 # source: pattern://50d6c91ace65f52fa56d7113
 nevisIdm.Root=AccessControl.ApplicationCreate,AccessControl.ApplicationDelete,AccessControl.ApplicationModify,AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationCreate,AccessControl.AuthorizationDelete,AccessControl.AuthorizationModify,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplCreate,AccessControl.AuthorizationApplDelete,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientCreate,AccessControl.AuthorizationClientDelete,AccessControl.AuthorizationClientSearch,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitCreate,AccessControl.AuthorizationUnitDelete,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.BatchJobExecute,AccessControl.BatchJobView,AccessControl.ClientCreate,AccessControl.ClientDelete,AccessControl.ClientModify,AccessControl.ClientApplAssign,AccessControl.ClientApplDelete,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialDelete,AccessControl.CredentialModify,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.PersistentQueueRetry,AccessControl.PersistentQueueDelete,AccessControl.PersistentQueueView,AccessControl.PolicyConfigurationCreate,AccessControl.PolicyConfigurationDelete,AccessControl.PolicyConfigurationModify,AccessControl.PolicyConfigurationSearch,AccessControl.PolicyConfigurationView,AccessControl.ProfileArchive,AccessControl.ProfileCreate,AccessControl.ProfileDelete,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueCreate,AccessControl.PropertyAllowedValueDelete,AccessControl.PropertyAllowedValueModify,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertyCreate,AccessControl.PropertyDelete,AccessControl.PropertyModify,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleCreate,AccessControl.RoleDelete,AccessControl.RoleModify,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.SelfAdmin,AccessControl.UnitCreate,AccessControl.UnitCreateTopUnit,AccessControl.UnitDelete,AccessControl.UnitModify,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserArchive,AccessControl.UserCreate,AccessControl.UserDelete,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.HistoryView,AccessControl.LoginIdOverride,AccessControl.TemplateStore,AccessControl.CollectionView,AccessControl.CollectionCreate,AccessControl.CollectionModify,AccessControl.CollectionDelete,AccessControl.TemplateView,AccessControl.TemplateCreate,AccessControl.TemplateModify,AccessControl.TemplateDelete,AccessControl.TemplateTextView,AccessControl.TemplateTextCreate,AccessControl.TemplateTextModify,AccessControl.TemplateTextDelete,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.CredentialViewPlainValue,AccessControl.DeputyCreate,AccessControl.DeputyDelete,AccessControl.UnitCredPolicyView,AccessControl.UnitCredPolicyCreate,AccessControl.UnitCredPolicyDelete,AccessControl.UserCreateTechUser,AccessControl.UserModifyTechUser,AccessControl.UserDeleteTechUser,AccessControl.UserArchiveTechUser,AccessControl.CredentialPdfView,AccessControl.EnterpriseAuthorizationCreate,AccessControl.EnterpriseAuthorizationDelete,AccessControl.EnterpriseAuthorizationModify,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.AuthorizationEnterpriseRoleCreate,AccessControl.AuthorizationEnterpriseRoleDelete,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.EnterpriseRoleCreate,AccessControl.EnterpriseRoleModify,AccessControl.EnterpriseRoleDelete,AccessControl.EnterpriseRoleSearch,AccessControl.EnterpriseRoleView,AccessControl.EnterpriseRoleMemberCreate,AccessControl.EnterpriseRoleMemberDelete,AccessControl.EnterpriseRoleMemberSearch,AccessControl.PersonalQuestionSearch,AccessControl.PersonalQuestionView,AccessControl.PersonalQuestionCreate,AccessControl.PersonalQuestionModify,AccessControl.PersonalQuestionDelete,AccessControl.LoginIdModify,AccessControl.TermsView,AccessControl.TermsCreate,AccessControl.TermsModify,AccessControl.TermsDelete,AccessControl.ConsentCreate,AccessControl.ConsentView
 # source: pattern://50d6c91ace65f52fa56d7113

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/etc/nevis/k8s-nevislogrend-8401da6318c6915d689cdfc9.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   type: "NevisLogrend"
   replicas: 1
-  version: "8.2405.0"
+  version: "8.2411.1"
   gitInitVersion: "1.3.0"
   runAsNonRoot: true
   ports:
@@ -44,7 +44,7 @@ spec:
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-b6eaa7f9026321e4d7f57bdaa6a43d474d91683a"
+    tag: "r-b674d74c7f0ca9297d32d0956ea52006e353411b"
     dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend"
     credentials: "git-credentials"
   podSecurity:

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/env.conf

@@ -10,5 +10,5 @@ JAVA_OPTS=(
     "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
     "-Dotel.javaagent.logging=application"
     "-Dotel.javaagent.configuration-file=/var/opt/nevislogrend/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2405.0,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2411.1,service.instance.id=$HOSTNAME"
 )

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/conf/logging.yml

@@ -11,7 +11,9 @@ Configuration:
         onMatch: "DENY"
         onMismatch: "ACCEPT"
   Loggers:
-    Logger: []
+    Logger:
+    - name: "ProductAnalytics"
+      level: "INFO"
     Root:
       level: "WARN"
       additivity: "false"

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/OP-ONBRDNG-AuthenticationRealm/webdata/resources/mauth_link_qr.js

@@ -16,6 +16,12 @@
 
     let statusPolling;
 
+    let isPolling = false;
+    let pollingTimeout = null;
+
+    const POLLING_INTERVAL = 2000;
+    const REQUEST_TIMEOUT = 3000;
+
     function dispatchLink() {
 
         document.getElementById("mauth_started").style.display = "block"; // show
@@ -55,9 +61,7 @@
                     });
                     var sessionId = o.sessionId;
                     console.log("started polling for session ID: " + sessionId);
-                    statusPolling = window.setInterval(function () {
-                        poll(sessionId);
-                    }, 2000);
+                    poll(sessionId);
                 }
                 else {
                     console.log("authentication failed: " + o.dispatchResult);
@@ -70,21 +74,36 @@
     }
 
     function poll(sessionId) {
+        if (isPolling) {
+            return; // Exit if a polling request is already ongoing
+        }
 
-        const request = {};
-        request.fidoUafSessionId = sessionId;
+        isPolling = true;
 
-        // calling nevisFIDO through nevisAuth on current URL using AJAX
-        fetch("", {
+        const request = { fidoUafSessionId: sessionId };
+
+        const fetchRequest = fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        }).then(res => {
-            res.json().then(o => {
+        });
+
+        // Set up the timeout for the fetch request
+        const timeoutPromise = new Promise((_, reject) => {
+            pollingTimeout = setTimeout(() => {
+                reject(new Error('Request timed out'));
+            }, REQUEST_TIMEOUT);
+        });
+
+        Promise.race([fetchRequest, timeoutPromise])
+            .then(res => res.json())
+            .then(o => {
+                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
+
                 if (status == 'clientAuthenticating') {
                     // show process icon
                     document.getElementById("mauth_loading").style.display = 'block';
@@ -99,20 +118,24 @@
                     addInput(form, "continue", "true"); // required for custom dispatching in usernameless
                     document.body.appendChild(form);
                     form.submit();
-                }
-                else if (status == 'failed' || status == 'unknown') {
-
+                } else if (status == 'failed' || status == 'unknown') {
                     clearInterval(statusPolling);
                     console.error("authentication failed with status: " + status);
-
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     addInput(form, "fidoUafSessionId", sessionId);
                     document.body.appendChild(form);
                     form.submit();
                 }
+            })
+            .catch((err) => {
+                console.error("error:", err);
+            })
+            .finally(() => {
+                isPolling = false;
+                // Schedule the next poll if needed
+                setTimeout(() => poll(sessionId), POLLING_INTERVAL);
             });
-        }).catch((err) => console.error("error: ", err));
     }
 
     dispatchLink();

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/OP-ONBRDNG-AuthenticationRealm/webdata/resources/mauth_onboard.js

@@ -16,6 +16,12 @@
 
     let statusPolling;
 
+    let isPolling = false;
+    let pollingTimeout = null;
+
+    const POLLING_INTERVAL = 2000;
+    const REQUEST_TIMEOUT = 3000;
+
     function renderEnrollment() {
 
         // link is provided by a hidden GuiElem
@@ -52,44 +58,53 @@
     }
 
     function poll() {
+        if (isPolling) {
+            return; // Exit if a polling request is already ongoing
+        }
+
+        isPolling = true;
 
         // state is held on backend side
         const request = {};
 
-        // calling nevisFIDO through nevisAuth on current URL using AJAX
-        fetch("", {
+        const fetchRequest = fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        }).then(res => {
-            res.json().then(o => {
+        });
 
+        // Set up the timeout for the fetch request
+        const timeoutPromise = new Promise((_, reject) => {
+            pollingTimeout = setTimeout(() => {
+                reject(new Error('Request timed out'));
+            }, REQUEST_TIMEOUT);
+        });
+
+        Promise.race([fetchRequest, timeoutPromise])
+            .then(res => res.json())
+            .then(o => {
+                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
 
                 if (status == 'clientRegistering') {
-
                     // show process icon
                     document.getElementById("mauth_loading").style.display = 'block';
 
                     // hide QR-code and information
                     document.getElementById("mauth_qrcode").style.display = 'none';
                     document.getElementById("mauth_qrcode_info").style.display = 'none';
-                }
-                else if (status == 'succeeded') {
-
+                } else if (status == 'succeeded') {
                     clearInterval(statusPolling);
-                    console.error("onboarding successful");
+                    console.log("onboarding successful");
 
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     document.body.appendChild(form);
                     form.submit();
-                }
-                else if (status == 'failed' || status == 'unknown') {
-
+                } else if (status == 'failed' || status == 'unknown') {
                     clearInterval(statusPolling);
                     console.error("onboarding failed with status: " + status);
 
@@ -98,8 +113,15 @@
                     document.body.appendChild(form);
                     form.submit();
                 }
+            })
+            .catch((err) => {
+                console.error("error:", err);
+            })
+            .finally(() => {
+                isPolling = false;
+                // Schedule the next poll if needed
+                setTimeout(() => poll(), POLLING_INTERVAL);
             });
-        }).catch((err) => console.error("error: ", err));
     }
 
     renderEnrollment();

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/OP-ONBRDNG-AuthenticationRealm/webdata/resources/mauth_push_qr.js

@@ -16,6 +16,12 @@
 
     let statusPolling;
 
+    let isPolling = false;
+    let pollingTimeout = null;
+
+    const POLLING_INTERVAL = 2000;
+    const REQUEST_TIMEOUT = 3000;
+
     function dispatch(id) {
 
         document.getElementById("mauth_devices").style.display = "none"; // hide selection menu
@@ -70,9 +76,7 @@
                     });
                     var sessionId = o.sessionId;
                     console.log("started polling for session ID: " + sessionId);
-                    statusPolling = window.setInterval(function () {
-                        poll(sessionId);
-                    }, 2000);
+                    poll(sessionId);
                 }
                 else {
                     console.log("authentication failed: " + o.dispatchResult);
@@ -125,47 +129,64 @@
     }
 
     function poll(sessionId) {
+        if (isPolling) {
+            return; // Exit if a polling request is already ongoing
+        }
+        isPolling = true;
 
-        const request = {};
-        request.fidoUafSessionId = sessionId;
+        const request = { fidoUafSessionId: sessionId };
 
-        // calling nevisFIDO through nevisAuth on current URL using AJAX
-        fetch("", {
+        const fetchRequest = fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        }).then(res => {
-            res.json().then(o => {
+        });
+
+        // Set up the timeout for the fetch request
+        const timeoutPromise = new Promise((_, reject) => {
+            pollingTimeout = setTimeout(() => {
+                reject(new Error('Request timed out'));
+            }, REQUEST_TIMEOUT);
+        });
+
+        Promise.race([fetchRequest, timeoutPromise])
+            .then(res => res.json())
+            .then(o => {
+                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
+
                 if (status == 'clientAuthenticating') {
                     document.getElementById("mauth_qrcode").style.display = 'none';
                     document.getElementById("mauth_qrcode_info").style.display = 'none';
                     document.getElementById("mauth_match_numbers").style.display = 'block';
                     document.getElementById("mauth_loading").style.display = 'block';
                 }
+
                 if (status == 'succeeded') {
                     clearInterval(statusPolling);
-                    // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     document.body.appendChild(form);
                     form.submit();
-                }
-                else if (status == 'failed' || status == 'unknown') {
-
+                } else if (status == 'failed' || status == 'unknown') {
                     clearInterval(statusPolling);
                     console.error("authentication failed with status: " + status);
-
-                    // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     addInput(form, "fidoUafSessionId", sessionId);
                     document.body.appendChild(form);
                     form.submit();
                 }
+            })
+            .catch((err) => {
+                console.error("error:", err);
+            })
+            .finally(() => {
+                isPolling = false;
+                // Schedule the next poll if needed
+                setTimeout(() => poll(sessionId), POLLING_INTERVAL);
             });
-        }).catch((err) => console.error("error: ", err));
     }
 
     renderDeviceList();

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/OP-ONBRDNG-AuthenticationRealm/webdata/resources/mauth_usernameless.js

@@ -16,6 +16,12 @@
 
     let statusPolling;
 
+    let isPolling = false;
+    let pollingTimeout = null;
+
+    const POLLING_INTERVAL = 2000;
+    const REQUEST_TIMEOUT = 3000;
+
     function dispatch() {
 
         console.log("initiating usernameless mobile authentication...");
@@ -58,9 +64,7 @@
                     });
                     var sessionId = o.sessionId;
                     console.log("started polling for session ID: " + sessionId);
-                    statusPolling = window.setInterval(function () {
-                        poll(sessionId);
-                    }, 2000);
+                    poll(sessionId);
                 }
                 else {
                     console.log("authentication failed: " + o.dispatchResult);
@@ -73,46 +77,66 @@
     }
 
     function poll(sessionId) {
+        if (isPolling) {
+            return; // Exit if a polling request is already ongoing
+        }
 
-        const request = {};
-        request.fidoUafSessionId = sessionId;
+        isPolling = true;
 
-        // calling nevisFIDO through nevisAuth on current URL using AJAX
-        fetch("", {
+        const request = { fidoUafSessionId: sessionId };
+
+        const fetchRequest = fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        }).then(res => {
-            res.json().then(o => {
+        });
+
+        // Set up the timeout for the fetch request
+        const timeoutPromise = new Promise((_, reject) => {
+            pollingTimeout = setTimeout(() => {
+                reject(new Error('Request timed out'));
+            }, REQUEST_TIMEOUT);
+        });
+
+        Promise.race([fetchRequest, timeoutPromise])
+            .then(res => res.json())
+            .then(o => {
+                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
+
                 if (status == 'clientAuthenticating') {
-                    document.getElementById("mauth_qrcode").style.display = 'none';
+                    // show process icon
                     document.getElementById("mauth_loading").style.display = 'block';
+                    document.getElementById("mauth_qrcode").style.display = 'none';
                 }
                 if (status == 'succeeded') {
                     clearInterval(statusPolling);
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
-                    addInput(form, "fidoUafDone", "true"); // checked by Groovy script
+                    addInput(form, "continue", "true"); // required for custom dispatching in usernameless
                     document.body.appendChild(form);
                     form.submit();
-                }
-                else if (status == 'failed' || status == 'unknown') {
-
+                } else if (status == 'failed' || status == 'unknown') {
                     clearInterval(statusPolling);
                     console.error("authentication failed with status: " + status);
-
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
-                    addInput(form, "fidoUafSessionId", sessionId); // checked by Groovy script
+                    addInput(form, "fidoUafSessionId", sessionId);
                     document.body.appendChild(form);
                     form.submit();
                 }
+            })
+            .catch((err) => {
+                console.error("error:", err);
+            })
+            .finally(() => {
+                isPolling = false;
+                // Schedule the next poll if needed
+                setTimeout(() => poll(sessionId), POLLING_INTERVAL);
             });
-        }).catch((err) => console.error("error: ", err));
     }
 
     dispatch();

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/SAML_SP_nevisidm_admin_Realm/webdata/resources/mauth_link_qr.js

@@ -16,6 +16,12 @@
 
     let statusPolling;
 
+    let isPolling = false;
+    let pollingTimeout = null;
+
+    const POLLING_INTERVAL = 2000;
+    const REQUEST_TIMEOUT = 3000;
+
     function dispatchLink() {
 
         document.getElementById("mauth_started").style.display = "block"; // show
@@ -55,9 +61,7 @@
                     });
                     var sessionId = o.sessionId;
                     console.log("started polling for session ID: " + sessionId);
-                    statusPolling = window.setInterval(function () {
-                        poll(sessionId);
-                    }, 2000);
+                    poll(sessionId);
                 }
                 else {
                     console.log("authentication failed: " + o.dispatchResult);
@@ -70,21 +74,36 @@
     }
 
     function poll(sessionId) {
+        if (isPolling) {
+            return; // Exit if a polling request is already ongoing
+        }
 
-        const request = {};
-        request.fidoUafSessionId = sessionId;
+        isPolling = true;
 
-        // calling nevisFIDO through nevisAuth on current URL using AJAX
-        fetch("", {
+        const request = { fidoUafSessionId: sessionId };
+
+        const fetchRequest = fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        }).then(res => {
-            res.json().then(o => {
+        });
+
+        // Set up the timeout for the fetch request
+        const timeoutPromise = new Promise((_, reject) => {
+            pollingTimeout = setTimeout(() => {
+                reject(new Error('Request timed out'));
+            }, REQUEST_TIMEOUT);
+        });
+
+        Promise.race([fetchRequest, timeoutPromise])
+            .then(res => res.json())
+            .then(o => {
+                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
+
                 if (status == 'clientAuthenticating') {
                     // show process icon
                     document.getElementById("mauth_loading").style.display = 'block';
@@ -99,20 +118,24 @@
                     addInput(form, "continue", "true"); // required for custom dispatching in usernameless
                     document.body.appendChild(form);
                     form.submit();
-                }
-                else if (status == 'failed' || status == 'unknown') {
-
+                } else if (status == 'failed' || status == 'unknown') {
                     clearInterval(statusPolling);
                     console.error("authentication failed with status: " + status);
-
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     addInput(form, "fidoUafSessionId", sessionId);
                     document.body.appendChild(form);
                     form.submit();
                 }
+            })
+            .catch((err) => {
+                console.error("error:", err);
+            })
+            .finally(() => {
+                isPolling = false;
+                // Schedule the next poll if needed
+                setTimeout(() => poll(sessionId), POLLING_INTERVAL);
             });
-        }).catch((err) => console.error("error: ", err));
     }
 
     dispatchLink();

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/SAML_SP_nevisidm_admin_Realm/webdata/resources/mauth_onboard.js

@@ -16,6 +16,12 @@
 
     let statusPolling;
 
+    let isPolling = false;
+    let pollingTimeout = null;
+
+    const POLLING_INTERVAL = 2000;
+    const REQUEST_TIMEOUT = 3000;
+
     function renderEnrollment() {
 
         // link is provided by a hidden GuiElem
@@ -52,44 +58,53 @@
     }
 
     function poll() {
+        if (isPolling) {
+            return; // Exit if a polling request is already ongoing
+        }
+
+        isPolling = true;
 
         // state is held on backend side
         const request = {};
 
-        // calling nevisFIDO through nevisAuth on current URL using AJAX
-        fetch("", {
+        const fetchRequest = fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        }).then(res => {
-            res.json().then(o => {
+        });
 
+        // Set up the timeout for the fetch request
+        const timeoutPromise = new Promise((_, reject) => {
+            pollingTimeout = setTimeout(() => {
+                reject(new Error('Request timed out'));
+            }, REQUEST_TIMEOUT);
+        });
+
+        Promise.race([fetchRequest, timeoutPromise])
+            .then(res => res.json())
+            .then(o => {
+                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
 
                 if (status == 'clientRegistering') {
-
                     // show process icon
                     document.getElementById("mauth_loading").style.display = 'block';
 
                     // hide QR-code and information
                     document.getElementById("mauth_qrcode").style.display = 'none';
                     document.getElementById("mauth_qrcode_info").style.display = 'none';
-                }
-                else if (status == 'succeeded') {
-
+                } else if (status == 'succeeded') {
                     clearInterval(statusPolling);
-                    console.error("onboarding successful");
+                    console.log("onboarding successful");
 
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     document.body.appendChild(form);
                     form.submit();
-                }
-                else if (status == 'failed' || status == 'unknown') {
-
+                } else if (status == 'failed' || status == 'unknown') {
                     clearInterval(statusPolling);
                     console.error("onboarding failed with status: " + status);
 
@@ -98,8 +113,15 @@
                     document.body.appendChild(form);
                     form.submit();
                 }
+            })
+            .catch((err) => {
+                console.error("error:", err);
+            })
+            .finally(() => {
+                isPolling = false;
+                // Schedule the next poll if needed
+                setTimeout(() => poll(), POLLING_INTERVAL);
             });
-        }).catch((err) => console.error("error: ", err));
     }
 
     renderEnrollment();

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/SAML_SP_nevisidm_admin_Realm/webdata/resources/mauth_push_qr.js

@@ -16,6 +16,12 @@
 
     let statusPolling;
 
+    let isPolling = false;
+    let pollingTimeout = null;
+
+    const POLLING_INTERVAL = 2000;
+    const REQUEST_TIMEOUT = 3000;
+
     function dispatch(id) {
 
         document.getElementById("mauth_devices").style.display = "none"; // hide selection menu
@@ -70,9 +76,7 @@
                     });
                     var sessionId = o.sessionId;
                     console.log("started polling for session ID: " + sessionId);
-                    statusPolling = window.setInterval(function () {
-                        poll(sessionId);
-                    }, 2000);
+                    poll(sessionId);
                 }
                 else {
                     console.log("authentication failed: " + o.dispatchResult);
@@ -125,47 +129,64 @@
     }
 
     function poll(sessionId) {
+        if (isPolling) {
+            return; // Exit if a polling request is already ongoing
+        }
+        isPolling = true;
 
-        const request = {};
-        request.fidoUafSessionId = sessionId;
+        const request = { fidoUafSessionId: sessionId };
 
-        // calling nevisFIDO through nevisAuth on current URL using AJAX
-        fetch("", {
+        const fetchRequest = fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        }).then(res => {
-            res.json().then(o => {
+        });
+
+        // Set up the timeout for the fetch request
+        const timeoutPromise = new Promise((_, reject) => {
+            pollingTimeout = setTimeout(() => {
+                reject(new Error('Request timed out'));
+            }, REQUEST_TIMEOUT);
+        });
+
+        Promise.race([fetchRequest, timeoutPromise])
+            .then(res => res.json())
+            .then(o => {
+                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
+
                 if (status == 'clientAuthenticating') {
                     document.getElementById("mauth_qrcode").style.display = 'none';
                     document.getElementById("mauth_qrcode_info").style.display = 'none';
                     document.getElementById("mauth_match_numbers").style.display = 'block';
                     document.getElementById("mauth_loading").style.display = 'block';
                 }
+
                 if (status == 'succeeded') {
                     clearInterval(statusPolling);
-                    // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     document.body.appendChild(form);
                     form.submit();
-                }
-                else if (status == 'failed' || status == 'unknown') {
-
+                } else if (status == 'failed' || status == 'unknown') {
                     clearInterval(statusPolling);
                     console.error("authentication failed with status: " + status);
-
-                    // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     addInput(form, "fidoUafSessionId", sessionId);
                     document.body.appendChild(form);
                     form.submit();
                 }
+            })
+            .catch((err) => {
+                console.error("error:", err);
+            })
+            .finally(() => {
+                isPolling = false;
+                // Schedule the next poll if needed
+                setTimeout(() => poll(sessionId), POLLING_INTERVAL);
             });
-        }).catch((err) => console.error("error: ", err));
     }
 
     renderDeviceList();

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/SAML_SP_nevisidm_admin_Realm/webdata/resources/mauth_usernameless.js

@@ -16,6 +16,12 @@
 
     let statusPolling;
 
+    let isPolling = false;
+    let pollingTimeout = null;
+
+    const POLLING_INTERVAL = 2000;
+    const REQUEST_TIMEOUT = 3000;
+
     function dispatch() {
 
         console.log("initiating usernameless mobile authentication...");
@@ -58,9 +64,7 @@
                     });
                     var sessionId = o.sessionId;
                     console.log("started polling for session ID: " + sessionId);
-                    statusPolling = window.setInterval(function () {
-                        poll(sessionId);
-                    }, 2000);
+                    poll(sessionId);
                 }
                 else {
                     console.log("authentication failed: " + o.dispatchResult);
@@ -73,46 +77,66 @@
     }
 
     function poll(sessionId) {
+        if (isPolling) {
+            return; // Exit if a polling request is already ongoing
+        }
 
-        const request = {};
-        request.fidoUafSessionId = sessionId;
+        isPolling = true;
 
-        // calling nevisFIDO through nevisAuth on current URL using AJAX
-        fetch("", {
+        const request = { fidoUafSessionId: sessionId };
+
+        const fetchRequest = fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        }).then(res => {
-            res.json().then(o => {
+        });
+
+        // Set up the timeout for the fetch request
+        const timeoutPromise = new Promise((_, reject) => {
+            pollingTimeout = setTimeout(() => {
+                reject(new Error('Request timed out'));
+            }, REQUEST_TIMEOUT);
+        });
+
+        Promise.race([fetchRequest, timeoutPromise])
+            .then(res => res.json())
+            .then(o => {
+                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
+
                 if (status == 'clientAuthenticating') {
-                    document.getElementById("mauth_qrcode").style.display = 'none';
+                    // show process icon
                     document.getElementById("mauth_loading").style.display = 'block';
+                    document.getElementById("mauth_qrcode").style.display = 'none';
                 }
                 if (status == 'succeeded') {
                     clearInterval(statusPolling);
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
-                    addInput(form, "fidoUafDone", "true"); // checked by Groovy script
+                    addInput(form, "continue", "true"); // required for custom dispatching in usernameless
                     document.body.appendChild(form);
                     form.submit();
-                }
-                else if (status == 'failed' || status == 'unknown') {
-
+                } else if (status == 'failed' || status == 'unknown') {
                     clearInterval(statusPolling);
                     console.error("authentication failed with status: " + status);
-
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
-                    addInput(form, "fidoUafSessionId", sessionId); // checked by Groovy script
+                    addInput(form, "fidoUafSessionId", sessionId);
                     document.body.appendChild(form);
                     form.submit();
                 }
+            })
+            .catch((err) => {
+                console.error("error:", err);
+            })
+            .finally(() => {
+                isPolling = false;
+                // Schedule the next poll if needed
+                setTimeout(() => poll(sessionId), POLLING_INTERVAL);
             });
-        }).catch((err) => console.error("error: ", err));
     }
 
     dispatch();

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/SAML_SP_nevisidm_operations_Realm/webdata/resources/mauth_link_qr.js

@@ -16,6 +16,12 @@
 
     let statusPolling;
 
+    let isPolling = false;
+    let pollingTimeout = null;
+
+    const POLLING_INTERVAL = 2000;
+    const REQUEST_TIMEOUT = 3000;
+
     function dispatchLink() {
 
         document.getElementById("mauth_started").style.display = "block"; // show
@@ -55,9 +61,7 @@
                     });
                     var sessionId = o.sessionId;
                     console.log("started polling for session ID: " + sessionId);
-                    statusPolling = window.setInterval(function () {
-                        poll(sessionId);
-                    }, 2000);
+                    poll(sessionId);
                 }
                 else {
                     console.log("authentication failed: " + o.dispatchResult);
@@ -70,21 +74,36 @@
     }
 
     function poll(sessionId) {
+        if (isPolling) {
+            return; // Exit if a polling request is already ongoing
+        }
 
-        const request = {};
-        request.fidoUafSessionId = sessionId;
+        isPolling = true;
 
-        // calling nevisFIDO through nevisAuth on current URL using AJAX
-        fetch("", {
+        const request = { fidoUafSessionId: sessionId };
+
+        const fetchRequest = fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        }).then(res => {
-            res.json().then(o => {
+        });
+
+        // Set up the timeout for the fetch request
+        const timeoutPromise = new Promise((_, reject) => {
+            pollingTimeout = setTimeout(() => {
+                reject(new Error('Request timed out'));
+            }, REQUEST_TIMEOUT);
+        });
+
+        Promise.race([fetchRequest, timeoutPromise])
+            .then(res => res.json())
+            .then(o => {
+                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
+
                 if (status == 'clientAuthenticating') {
                     // show process icon
                     document.getElementById("mauth_loading").style.display = 'block';
@@ -99,20 +118,24 @@
                     addInput(form, "continue", "true"); // required for custom dispatching in usernameless
                     document.body.appendChild(form);
                     form.submit();
-                }
-                else if (status == 'failed' || status == 'unknown') {
-
+                } else if (status == 'failed' || status == 'unknown') {
                     clearInterval(statusPolling);
                     console.error("authentication failed with status: " + status);
-
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     addInput(form, "fidoUafSessionId", sessionId);
                     document.body.appendChild(form);
                     form.submit();
                 }
+            })
+            .catch((err) => {
+                console.error("error:", err);
+            })
+            .finally(() => {
+                isPolling = false;
+                // Schedule the next poll if needed
+                setTimeout(() => poll(sessionId), POLLING_INTERVAL);
             });
-        }).catch((err) => console.error("error: ", err));
     }
 
     dispatchLink();

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/SAML_SP_nevisidm_operations_Realm/webdata/resources/mauth_onboard.js

@@ -16,6 +16,12 @@
 
     let statusPolling;
 
+    let isPolling = false;
+    let pollingTimeout = null;
+
+    const POLLING_INTERVAL = 2000;
+    const REQUEST_TIMEOUT = 3000;
+
     function renderEnrollment() {
 
         // link is provided by a hidden GuiElem
@@ -52,44 +58,53 @@
     }
 
     function poll() {
+        if (isPolling) {
+            return; // Exit if a polling request is already ongoing
+        }
+
+        isPolling = true;
 
         // state is held on backend side
         const request = {};
 
-        // calling nevisFIDO through nevisAuth on current URL using AJAX
-        fetch("", {
+        const fetchRequest = fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        }).then(res => {
-            res.json().then(o => {
+        });
 
+        // Set up the timeout for the fetch request
+        const timeoutPromise = new Promise((_, reject) => {
+            pollingTimeout = setTimeout(() => {
+                reject(new Error('Request timed out'));
+            }, REQUEST_TIMEOUT);
+        });
+
+        Promise.race([fetchRequest, timeoutPromise])
+            .then(res => res.json())
+            .then(o => {
+                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
 
                 if (status == 'clientRegistering') {
-
                     // show process icon
                     document.getElementById("mauth_loading").style.display = 'block';
 
                     // hide QR-code and information
                     document.getElementById("mauth_qrcode").style.display = 'none';
                     document.getElementById("mauth_qrcode_info").style.display = 'none';
-                }
-                else if (status == 'succeeded') {
-
+                } else if (status == 'succeeded') {
                     clearInterval(statusPolling);
-                    console.error("onboarding successful");
+                    console.log("onboarding successful");
 
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     document.body.appendChild(form);
                     form.submit();
-                }
-                else if (status == 'failed' || status == 'unknown') {
-
+                } else if (status == 'failed' || status == 'unknown') {
                     clearInterval(statusPolling);
                     console.error("onboarding failed with status: " + status);
 
@@ -98,8 +113,15 @@
                     document.body.appendChild(form);
                     form.submit();
                 }
+            })
+            .catch((err) => {
+                console.error("error:", err);
+            })
+            .finally(() => {
+                isPolling = false;
+                // Schedule the next poll if needed
+                setTimeout(() => poll(), POLLING_INTERVAL);
             });
-        }).catch((err) => console.error("error: ", err));
     }
 
     renderEnrollment();

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/SAML_SP_nevisidm_operations_Realm/webdata/resources/mauth_push_qr.js

@@ -16,6 +16,12 @@
 
     let statusPolling;
 
+    let isPolling = false;
+    let pollingTimeout = null;
+
+    const POLLING_INTERVAL = 2000;
+    const REQUEST_TIMEOUT = 3000;
+
     function dispatch(id) {
 
         document.getElementById("mauth_devices").style.display = "none"; // hide selection menu
@@ -70,9 +76,7 @@
                     });
                     var sessionId = o.sessionId;
                     console.log("started polling for session ID: " + sessionId);
-                    statusPolling = window.setInterval(function () {
-                        poll(sessionId);
-                    }, 2000);
+                    poll(sessionId);
                 }
                 else {
                     console.log("authentication failed: " + o.dispatchResult);
@@ -125,47 +129,64 @@
     }
 
     function poll(sessionId) {
+        if (isPolling) {
+            return; // Exit if a polling request is already ongoing
+        }
+        isPolling = true;
 
-        const request = {};
-        request.fidoUafSessionId = sessionId;
+        const request = { fidoUafSessionId: sessionId };
 
-        // calling nevisFIDO through nevisAuth on current URL using AJAX
-        fetch("", {
+        const fetchRequest = fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        }).then(res => {
-            res.json().then(o => {
+        });
+
+        // Set up the timeout for the fetch request
+        const timeoutPromise = new Promise((_, reject) => {
+            pollingTimeout = setTimeout(() => {
+                reject(new Error('Request timed out'));
+            }, REQUEST_TIMEOUT);
+        });
+
+        Promise.race([fetchRequest, timeoutPromise])
+            .then(res => res.json())
+            .then(o => {
+                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
+
                 if (status == 'clientAuthenticating') {
                     document.getElementById("mauth_qrcode").style.display = 'none';
                     document.getElementById("mauth_qrcode_info").style.display = 'none';
                     document.getElementById("mauth_match_numbers").style.display = 'block';
                     document.getElementById("mauth_loading").style.display = 'block';
                 }
+
                 if (status == 'succeeded') {
                     clearInterval(statusPolling);
-                    // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     document.body.appendChild(form);
                     form.submit();
-                }
-                else if (status == 'failed' || status == 'unknown') {
-
+                } else if (status == 'failed' || status == 'unknown') {
                     clearInterval(statusPolling);
                     console.error("authentication failed with status: " + status);
-
-                    // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
                     addInput(form, "fidoUafSessionId", sessionId);
                     document.body.appendChild(form);
                     form.submit();
                 }
+            })
+            .catch((err) => {
+                console.error("error:", err);
+            })
+            .finally(() => {
+                isPolling = false;
+                // Schedule the next poll if needed
+                setTimeout(() => poll(sessionId), POLLING_INTERVAL);
             });
-        }).catch((err) => console.error("error: ", err));
     }
 
     renderDeviceList();

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/logrend/var/opt/nevislogrend/default/data/applications/SAML_SP_nevisidm_operations_Realm/webdata/resources/mauth_usernameless.js

@@ -16,6 +16,12 @@
 
     let statusPolling;
 
+    let isPolling = false;
+    let pollingTimeout = null;
+
+    const POLLING_INTERVAL = 2000;
+    const REQUEST_TIMEOUT = 3000;
+
     function dispatch() {
 
         console.log("initiating usernameless mobile authentication...");
@@ -58,9 +64,7 @@
                     });
                     var sessionId = o.sessionId;
                     console.log("started polling for session ID: " + sessionId);
-                    statusPolling = window.setInterval(function () {
-                        poll(sessionId);
-                    }, 2000);
+                    poll(sessionId);
                 }
                 else {
                     console.log("authentication failed: " + o.dispatchResult);
@@ -73,46 +77,66 @@
     }
 
     function poll(sessionId) {
+        if (isPolling) {
+            return; // Exit if a polling request is already ongoing
+        }
 
-        const request = {};
-        request.fidoUafSessionId = sessionId;
+        isPolling = true;
 
-        // calling nevisFIDO through nevisAuth on current URL using AJAX
-        fetch("", {
+        const request = { fidoUafSessionId: sessionId };
+
+        const fetchRequest = fetch("", {
             method: "POST",
             headers: {
                 'Content-Type': 'application/json'
             },
             body: JSON.stringify(request)
-        }).then(res => {
-            res.json().then(o => {
+        });
+
+        // Set up the timeout for the fetch request
+        const timeoutPromise = new Promise((_, reject) => {
+            pollingTimeout = setTimeout(() => {
+                reject(new Error('Request timed out'));
+            }, REQUEST_TIMEOUT);
+        });
+
+        Promise.race([fetchRequest, timeoutPromise])
+            .then(res => res.json())
+            .then(o => {
+                clearTimeout(pollingTimeout);
                 var status = o.status;
                 console.log("status: " + status);
+
                 if (status == 'clientAuthenticating') {
-                    document.getElementById("mauth_qrcode").style.display = 'none';
+                    // show process icon
                     document.getElementById("mauth_loading").style.display = 'block';
+                    document.getElementById("mauth_qrcode").style.display = 'none';
                 }
                 if (status == 'succeeded') {
                     clearInterval(statusPolling);
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
-                    addInput(form, "fidoUafDone", "true"); // checked by Groovy script
+                    addInput(form, "continue", "true"); // required for custom dispatching in usernameless
                     document.body.appendChild(form);
                     form.submit();
-                }
-                else if (status == 'failed' || status == 'unknown') {
-
+                } else if (status == 'failed' || status == 'unknown') {
                     clearInterval(statusPolling);
                     console.error("authentication failed with status: " + status);
-
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
-                    addInput(form, "fidoUafSessionId", sessionId); // checked by Groovy script
+                    addInput(form, "fidoUafSessionId", sessionId);
                     document.body.appendChild(form);
                     form.submit();
                 }
+            })
+            .catch((err) => {
+                console.error("error:", err);
+            })
+            .finally(() => {
+                isPolling = false;
+                // Schedule the next poll if needed
+                setTimeout(() => poll(sessionId), POLLING_INTERVAL);
             });
-        }).catch((err) => console.error("error: ", err));
     }
 
     dispatch();

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-idm/etc/nevis/k8s-nevisproxy-instance-idm-3bc06037962ad13be0a3a95d.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   type: "NevisProxy"
   replicas: 1
-  version: "8.2405.1"
+  version: "8.2411.1"
   gitInitVersion: "1.3.0"
   runAsNonRoot: true
   ports:
@@ -46,7 +46,7 @@ spec:
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-b6eaa7f9026321e4d7f57bdaa6a43d474d91683a"
+    tag: "r-b674d74c7f0ca9297d32d0956ea52006e353411b"
     dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-idm"
     credentials: "git-credentials"
   keystores:

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-idm/var/opt/nevisproxy/default/conf/log.properties

@@ -15,8 +15,6 @@ BC.Tracer.ProgName=isi3web
 # source: pattern://3bc06037962ad13be0a3a95d
 BC.Tracer.DebugProfile.Secrets.Cipher=AES
 # source: pattern://3bc06037962ad13be0a3a95d
-BC.Tracer.DebugProfile.NavajoHttpSess=0
-# source: pattern://3bc06037962ad13be0a3a95d
 BC.Tracer.DebugProfile.NavajoResource=0
 # source: pattern://3bc06037962ad13be0a3a95d
 BC.Tracer.DebugProfile.NavajoRequest=0
@@ -27,10 +25,6 @@ BC.Tracer.DebugProfile.NavajoSSL=0
 # source: pattern://3bc06037962ad13be0a3a95d
 BC.Tracer.DebugProfile.NavajoCookie=0
 # source: pattern://3bc06037962ad13be0a3a95d
-BC.Tracer.DebugProfile.NavajoConIdent=0
-# source: pattern://3bc06037962ad13be0a3a95d
-BC.Tracer.DebugProfile.NavajoSession=0
-# source: pattern://3bc06037962ad13be0a3a95d
 BC.Tracer.DebugProfile.NavajoStart=0
 # source: pattern://3bc06037962ad13be0a3a95d
 BC.Tracer.DebugProfile.NavajoConfig=0
@@ -41,17 +35,7 @@ BC.Tracer.DebugProfile.NavajoHeader=0
 # source: pattern://3bc06037962ad13be0a3a95d
 BC.Tracer.DebugProfile.NavajoTimer=0
 # source: pattern://3bc06037962ad13be0a3a95d
-BC.Tracer.DebugProfile.NavajoMgmt=0
-# source: pattern://3bc06037962ad13be0a3a95d
-BC.Tracer.DebugProfile.NavajoAdmin=0
-# source: pattern://3bc06037962ad13be0a3a95d
-BC.Tracer.DebugProfile.NevisMgmt=0
-# source: pattern://3bc06037962ad13be0a3a95d
-BC.Tracer.DebugProfile.JmxAmp=0
-# source: pattern://3bc06037962ad13be0a3a95d
-BC.Tracer.DebugProfile.MBeanSrv=0
-# source: pattern://3bc06037962ad13be0a3a95d
-BC.Tracer.DebugProfile.HttpAdaptor=0
+BC.Tracer.DebugProfile.Apache=0
 # source: pattern://3bc06037962ad13be0a3a95d
 BC.Tracer.DebugProfile.IsiwebOp=0
 # source: pattern://3bc06037962ad13be0a3a95d
@@ -61,10 +45,6 @@ BC.Tracer.DebugProfile.IW4HttpsConnSrv=0
 # source: pattern://3bc06037962ad13be0a3a95d
 BC.Tracer.DebugProfile.IW4Esau4ConnSrv=0
 # source: pattern://3bc06037962ad13be0a3a95d
-BC.Tracer.DebugProfile.IW4NISConnSrv=0
-# source: pattern://3bc06037962ad13be0a3a95d
-BC.Tracer.DebugProfile.IW4PAMConnSrv=0
-# source: pattern://3bc06037962ad13be0a3a95d
 BC.Tracer.DebugProfile.IW4X509AuthSrv=0
 # source: pattern://3bc06037962ad13be0a3a95d
 BC.Tracer.DebugProfile.IW4LogRenSrv=0
@@ -145,10 +125,6 @@ BC.Tracer.DebugProfile.IW4MappingFlt=0
 # source: pattern://3bc06037962ad13be0a3a95d
 BC.Tracer.DebugProfile.IW4ResSessFlt=0
 # source: pattern://3bc06037962ad13be0a3a95d
-BC.Tracer.DebugProfile.JMXSessionFlt=0
-# source: pattern://3bc06037962ad13be0a3a95d
-BC.Tracer.DebugProfile.JMXRequestFlt=0
-# source: pattern://3bc06037962ad13be0a3a95d
 BC.Tracer.DebugProfile.NevisSession=0
 # source: pattern://3bc06037962ad13be0a3a95d
 BC.Tracer.DebugProfile.IW4ParamFlt=0
@@ -161,8 +137,6 @@ BC.Tracer.DebugProfile.IW4CSRFFlt=0
 # source: pattern://3bc06037962ad13be0a3a95d
 BC.Tracer.DebugProfile.IW4FltMappFlt=0
 # source: pattern://3bc06037962ad13be0a3a95d
-BC.Tracer.DebugProfile.IW4QmrFlt=0
-# source: pattern://3bc06037962ad13be0a3a95d
 BC.Tracer.DebugProfile.IW4LogFlt=0
 # source: pattern://3bc06037962ad13be0a3a95d
 BC.Tracer.DebugProfile.IW4WebSocketSrv=0
@@ -219,14 +193,16 @@ BC.Tracer.DebugProfile.EsauthProvider=0
 # source: pattern://3bc06037962ad13be0a3a95d
 BC.Tracer.DebugProfile.IsiOp=0
 # source: pattern://3bc06037962ad13be0a3a95d
-BC.Tracer.DebugProfile.transTCP=0
-# source: pattern://3bc06037962ad13be0a3a95d
-BC.Tracer.DebugProfile.IO=0
-# source: pattern://3bc06037962ad13be0a3a95d
-BC.Tracer.DebugProfile.IOSub=0
-# source: pattern://3bc06037962ad13be0a3a95d
-BC.Tracer.DebugProfile.Alarming=0
-# source: pattern://3bc06037962ad13be0a3a95d
-BC.Tracer.DebugProfile.AlarmEngine=0
-# source: pattern://3bc06037962ad13be0a3a95d
 BC.Tracer.DebugProfile.NPMultiLevelStr=0
+# source: pattern://3bc06037962ad13be0a3a95d
+BC.Tracer.DebugProfile.NPPSQLSessSrv=0
+# source: pattern://3bc06037962ad13be0a3a95d
+BC.Tracer.DebugProfile.NPFileReader=0
+# source: pattern://3bc06037962ad13be0a3a95d
+BC.Tracer.DebugProfile.NPPerfMeter=0
+# source: pattern://3bc06037962ad13be0a3a95d
+BC.Tracer.DebugProfile.NPLoadBalance=0
+# source: pattern://3bc06037962ad13be0a3a95d
+BC.Tracer.DebugProfile.NPCountryIpFlt=0
+# source: pattern://3bc06037962ad13be0a3a95d
+BC.Tracer.DebugProfile.WSInspFlt=0

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-idm/var/opt/nevisproxy/default/host-admin.agov-w.azure.adnovum.net/WEB-INF/web.xml

@@ -182,7 +182,7 @@
         <!-- source: pattern://6f9c9f982dcc7ef59a34f1f7 -->
         <init-param>
             <param-name>DynamicRoleAcquire.CheckRoleRemoval</param-name>
-            <param-value>true</param-value>
+            <param-value>false</param-value>
         </init-param>
         <!-- source: pattern://6f9c9f982dcc7ef59a34f1f7 -->
         <init-param>

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-sp/etc/nevis/k8s-operations-nevisproxy-instance-bd83dfbd467e8211ffe71d28.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   type: "NevisProxy"
   replicas: 1
-  version: "8.2405.1"
+  version: "8.2411.1"
   gitInitVersion: "1.3.0"
   runAsNonRoot: true
   ports:
@@ -46,7 +46,7 @@ spec:
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-b6eaa7f9026321e4d7f57bdaa6a43d474d91683a"
+    tag: "r-b674d74c7f0ca9297d32d0956ea52006e353411b"
     dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-sp"
     credentials: "git-credentials"
   keystores:

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-sp/var/opt/nevisproxy/default/conf/log.properties

@@ -15,8 +15,6 @@ BC.Tracer.ProgName=isi3web
 # source: pattern://bd83dfbd467e8211ffe71d28
 BC.Tracer.DebugProfile.Secrets.Cipher=AES
 # source: pattern://bd83dfbd467e8211ffe71d28
-BC.Tracer.DebugProfile.NavajoHttpSess=0
-# source: pattern://bd83dfbd467e8211ffe71d28
 BC.Tracer.DebugProfile.NavajoResource=0
 # source: pattern://bd83dfbd467e8211ffe71d28
 BC.Tracer.DebugProfile.NavajoRequest=0
@@ -27,10 +25,6 @@ BC.Tracer.DebugProfile.NavajoSSL=0
 # source: pattern://bd83dfbd467e8211ffe71d28
 BC.Tracer.DebugProfile.NavajoCookie=0
 # source: pattern://bd83dfbd467e8211ffe71d28
-BC.Tracer.DebugProfile.NavajoConIdent=0
-# source: pattern://bd83dfbd467e8211ffe71d28
-BC.Tracer.DebugProfile.NavajoSession=0
-# source: pattern://bd83dfbd467e8211ffe71d28
 BC.Tracer.DebugProfile.NavajoStart=0
 # source: pattern://bd83dfbd467e8211ffe71d28
 BC.Tracer.DebugProfile.NavajoConfig=0
@@ -41,17 +35,7 @@ BC.Tracer.DebugProfile.NavajoHeader=0
 # source: pattern://bd83dfbd467e8211ffe71d28
 BC.Tracer.DebugProfile.NavajoTimer=0
 # source: pattern://bd83dfbd467e8211ffe71d28
-BC.Tracer.DebugProfile.NavajoMgmt=0
-# source: pattern://bd83dfbd467e8211ffe71d28
-BC.Tracer.DebugProfile.NavajoAdmin=0
-# source: pattern://bd83dfbd467e8211ffe71d28
-BC.Tracer.DebugProfile.NevisMgmt=0
-# source: pattern://bd83dfbd467e8211ffe71d28
-BC.Tracer.DebugProfile.JmxAmp=0
-# source: pattern://bd83dfbd467e8211ffe71d28
-BC.Tracer.DebugProfile.MBeanSrv=0
-# source: pattern://bd83dfbd467e8211ffe71d28
-BC.Tracer.DebugProfile.HttpAdaptor=0
+BC.Tracer.DebugProfile.Apache=0
 # source: pattern://bd83dfbd467e8211ffe71d28
 BC.Tracer.DebugProfile.IsiwebOp=0
 # source: pattern://bd83dfbd467e8211ffe71d28
@@ -61,10 +45,6 @@ BC.Tracer.DebugProfile.IW4HttpsConnSrv=0
 # source: pattern://bd83dfbd467e8211ffe71d28
 BC.Tracer.DebugProfile.IW4Esau4ConnSrv=0
 # source: pattern://bd83dfbd467e8211ffe71d28
-BC.Tracer.DebugProfile.IW4NISConnSrv=0
-# source: pattern://bd83dfbd467e8211ffe71d28
-BC.Tracer.DebugProfile.IW4PAMConnSrv=0
-# source: pattern://bd83dfbd467e8211ffe71d28
 BC.Tracer.DebugProfile.IW4X509AuthSrv=0
 # source: pattern://bd83dfbd467e8211ffe71d28
 BC.Tracer.DebugProfile.IW4LogRenSrv=0
@@ -145,10 +125,6 @@ BC.Tracer.DebugProfile.IW4MappingFlt=0
 # source: pattern://bd83dfbd467e8211ffe71d28
 BC.Tracer.DebugProfile.IW4ResSessFlt=0
 # source: pattern://bd83dfbd467e8211ffe71d28
-BC.Tracer.DebugProfile.JMXSessionFlt=0
-# source: pattern://bd83dfbd467e8211ffe71d28
-BC.Tracer.DebugProfile.JMXRequestFlt=0
-# source: pattern://bd83dfbd467e8211ffe71d28
 BC.Tracer.DebugProfile.NevisSession=0
 # source: pattern://bd83dfbd467e8211ffe71d28
 BC.Tracer.DebugProfile.IW4ParamFlt=0
@@ -161,8 +137,6 @@ BC.Tracer.DebugProfile.IW4CSRFFlt=0
 # source: pattern://bd83dfbd467e8211ffe71d28
 BC.Tracer.DebugProfile.IW4FltMappFlt=0
 # source: pattern://bd83dfbd467e8211ffe71d28
-BC.Tracer.DebugProfile.IW4QmrFlt=0
-# source: pattern://bd83dfbd467e8211ffe71d28
 BC.Tracer.DebugProfile.IW4LogFlt=0
 # source: pattern://bd83dfbd467e8211ffe71d28
 BC.Tracer.DebugProfile.IW4WebSocketSrv=0
@@ -219,14 +193,16 @@ BC.Tracer.DebugProfile.EsauthProvider=0
 # source: pattern://bd83dfbd467e8211ffe71d28
 BC.Tracer.DebugProfile.IsiOp=0
 # source: pattern://bd83dfbd467e8211ffe71d28
-BC.Tracer.DebugProfile.transTCP=0
-# source: pattern://bd83dfbd467e8211ffe71d28
-BC.Tracer.DebugProfile.IO=0
-# source: pattern://bd83dfbd467e8211ffe71d28
-BC.Tracer.DebugProfile.IOSub=0
-# source: pattern://bd83dfbd467e8211ffe71d28
-BC.Tracer.DebugProfile.Alarming=0
-# source: pattern://bd83dfbd467e8211ffe71d28
-BC.Tracer.DebugProfile.AlarmEngine=0
-# source: pattern://bd83dfbd467e8211ffe71d28
 BC.Tracer.DebugProfile.NPMultiLevelStr=0
+# source: pattern://bd83dfbd467e8211ffe71d28
+BC.Tracer.DebugProfile.NPPSQLSessSrv=0
+# source: pattern://bd83dfbd467e8211ffe71d28
+BC.Tracer.DebugProfile.NPFileReader=0
+# source: pattern://bd83dfbd467e8211ffe71d28
+BC.Tracer.DebugProfile.NPPerfMeter=0
+# source: pattern://bd83dfbd467e8211ffe71d28
+BC.Tracer.DebugProfile.NPLoadBalance=0
+# source: pattern://bd83dfbd467e8211ffe71d28
+BC.Tracer.DebugProfile.NPCountryIpFlt=0
+# source: pattern://bd83dfbd467e8211ffe71d28
+BC.Tracer.DebugProfile.WSInspFlt=0

DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-sp/var/opt/nevisproxy/default/host-op.agov-w.azure.adnovum.net/WEB-INF/web.xml

@@ -277,7 +277,7 @@
         <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
         <init-param>
             <param-name>DynamicRoleAcquire.CheckRoleRemoval</param-name>
-            <param-value>true</param-value>
+            <param-value>false</param-value>
         </init-param>
         <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
         <init-param>