new configuration version

mamo 2024-11-04 13:55:28 +00:00
parent 8264aaa06f
commit d0d95ee9ae
898 changed files with 156989 additions and 0 deletions


@ -0,0 +1,16 @@
apiVersion: "operator.nevis-security.ch/v1"
kind: "NevisKeyStore"
metadata:
name: "auth-sh4r3d-nevisidm-sectoken-signer"
namespace: "adn-agov-nevisidm-admin-01-uat"
labels:
deploymentTarget: "auth-v1"
annotations:
projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
patternId: "ac27dd7daad0ca2b7229bfaf"
spec:
cn: "signer"
usage: "signer"
san:
dns: []
email: []


@ -0,0 +1,14 @@
apiVersion: "operator.nevis-security.ch/v1"
kind: "NevisTrustStore"
metadata:
name: "auth-v1-default-default-signer-trust"
namespace: "adn-agov-nevisidm-admin-01-uat"
labels:
deploymentTarget: "auth-v1"
annotations:
projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
patternId: "ac27dd7daad0ca2b7229bfaf"
spec:
keystores:
- name: "auth-sh4r3d-nevisidm-sectoken-signer"
namespace: "adn-agov-nevisidm-admin-01-uat"


@ -0,0 +1,18 @@
apiVersion: "operator.nevis-security.ch/v1"
kind: "NevisKeyStore"
metadata:
name: "auth-v1-default-identity"
namespace: "adn-agov-nevisidm-admin-01-uat"
labels:
deploymentTarget: "auth-v1"
annotations:
projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
patternId: "ac27dd7daad0ca2b7229bfaf"
spec:
cn: "auth-v1"
usage: "<reserved for future use>"
san:
dns:
- "auth-v1"
- "auth-v1.adn-agov-nevisidm-admin-01-uat"
email: []


@ -0,0 +1,18 @@
apiVersion: "operator.nevis-security.ch/v1"
kind: "NevisTrustStore"
metadata:
name: "auth-v1-default-tls-client-trust"
namespace: "adn-agov-nevisidm-admin-01-uat"
labels:
deploymentTarget: "auth-v1"
annotations:
projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
patternId: "ac27dd7daad0ca2b7229bfaf"
spec:
keystores:
- name: "proxy-idm-v1-saml-sp-nevisidm-admin-realm-identity"
namespace: "adn-agov-nevisidm-admin-01-uat"
- name: "proxy-sp-v1-saml-sp-nevisidm-operations-realm-identity"
namespace: "adn-agov-nevisidm-admin-01-uat"
- name: "proxy-sp-v1-op-onbrdng-authenticationrealm-identity"
namespace: "adn-agov-nevisidm-admin-01-uat"


@ -0,0 +1,16 @@
apiVersion: "operator.nevis-security.ch/v1"
kind: "NevisTrustStore"
metadata:
name: "auth-v1-default-tls-trust"
namespace: "adn-agov-nevisidm-admin-01-uat"
labels:
deploymentTarget: "auth-v1"
annotations:
projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
patternId: "ac27dd7daad0ca2b7229bfaf"
spec:
keystores:
- name: "idm-v1-default-identity"
namespace: "adn-agov-nevisidm-admin-01-uat"
- name: "idm-job-v1-default-identity"
namespace: "adn-agov-nevisidm-admin-01-uat"


@ -0,0 +1,14 @@
apiVersion: "operator.nevis-security.ch/v1"
kind: "NevisTrustStore"
metadata:
name: "auth-v1-saml-idp-admin-connector-trust-store"
namespace: "adn-agov-nevisidm-admin-01-uat"
labels:
deploymentTarget: "auth-v1"
annotations:
projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
patternId: "ac27dd7daad0ca2b7229bfaf"
spec:
keystores: []
extraCerts:
- "-----BEGIN CERTIFICATE-----\nMIIEGDCCAwCgAwIBAgIBBDANBgkqhkiG9w0BAQsFADA4MQswCQYDVQQGEwJjaDEQ\nMA4GA1UEChMHQWRub3Z1bTEXMBUGA1UEAxMOYml0ZWlhbS1yb290Q0EwHhcNMjAw\nMzA1MTYzMDAwWhcNMzAwMzAzMTYzMDAwWjA0MQswCQYDVQQGEwJjaDEQMA4GA1UE\nChMHQWRub3Z1bTETMBEGA1UEAxMKc2lnbmVyRkVEUzCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBAJoWqbsYhNXW0mDsDJPAiTN896e4QML9qnt7FIhVKKe3\nT66lT/nfOkFPUZuKejgbjFFDEDChRJf0Achq7lWGKPrNPnrTxZmU7Bcu86BER76L\n4kDcGF/x03W9fgUgQ7X45CXYeq4vqfpzNC+lkZA1OxbpcXZA/4Z39Z3pm7CWXnAg\nv6nFABKJ9kVAyhuPyb5yIuGHcdLL+068aVp5sxY/6HoXf889+iVFDgTwSXVYKMyZ\nnZbvvd/IIod4WuiXsOspPS9yj+E9yMvtsUtChghcQ17ubo7S1P8JxAQWXngopH8Y\nnDeOiesJfR2APDdg7EXWYewARSFr10GxuXoKDjLe148CAwEAAaOCAS8wggErMAkG\nA1UdEwQCMAAwPwYJYIZIAYb4QgENBDIWME5ldmlzIEtleUJveCBHZW5lcmF0ZWQg\nQ2VydGlmaWNhdGUgdXNpbmcgT3BlblNTTDALBgNVHQ8EBAMCA6gwHQYDVR0lBBYw\nFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ4zYpzY1lB5/bKeg3z1kJO\nkkdYgDBoBgNVHSMEYTBfgBRRdKau0TH9VQ0E8ob0J+WyYkcs4aE8pDowODELMAkG\nA1UEBhMCY2gxEDAOBgNVBAoTB0Fkbm92dW0xFzAVBgNVBAMTDmJpdGVpYW0tcm9v\ndENBggkA+97eIJWmttcwEQYJYIZIAYb4QgEBBAQDAgbAMBUGA1UdEQQOMAyCCnNp\nZ25lckZFRFMwDQYJKoZIhvcNAQELBQADggEBAHGHJ7DzRNdPl6Kiy4rCoQR/nhTa\nVbBsAeB070NpWma2iun3Wf5zIoefbSlPoofP4tOVYUoKtMHTWCYAUnHIEg5H985y\nYm2MFY0vwgMZ+Jvcs7NCHzK9O/tN+uUjkFNLSCfzTb+K9vyF6lj4L4lQWa5++DZ6\nkWPaDWvwY/NOSoIehmJupmcJlA1qxzlTc+659xoOk1WyhusNkuiOUjFrLQ+tgRnD\n7dGuzJQyBV1Iy/A4IhpN2ootVgrI7NMJ2YetCq7yuipRZka3RoeVhUs8CWFfYRtc\nsaTCck7atYyMVlPUf03EppC18ILBmbNzYJ58KT2oQywa7+Sdsqx4+5cOOOU=\n-----END CERTIFICATE-----\n"
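Review bot: The `extraCerts` entry is an opaque PEM blob, so nothing in the file tells a reviewer which certificate this trust store (presumably the SAML IdP signer trust, going by its name) accepts or when it expires. A comment above the entry such as `# IdP signer cert: subject=<SUBJECT>, sha256=<FINGERPRINT>, notAfter=<DATE>`, with the values filled in from the certificate itself, would let the trust anchor be checked against the IdP's published metadata and give rotation a visible deadline. The blob in the next trust store, `auth-v1-saml-idp-op-connector-trust-store`, appears to be byte-identical, so both entries have to be rotated together. Writing the PEM as a `|` block scalar instead of one `\n`-escaped string would also make a replaced certificate readable in later diffs.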


@ -0,0 +1,14 @@
apiVersion: "operator.nevis-security.ch/v1"
kind: "NevisTrustStore"
metadata:
name: "auth-v1-saml-idp-op-connector-trust-store"
namespace: "adn-agov-nevisidm-admin-01-uat"
labels:
deploymentTarget: "auth-v1"
annotations:
projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
patternId: "ac27dd7daad0ca2b7229bfaf"
spec:
keystores: []
extraCerts:
- "-----BEGIN CERTIFICATE-----\nMIIEGDCCAwCgAwIBAgIBBDANBgkqhkiG9w0BAQsFADA4MQswCQYDVQQGEwJjaDEQ\nMA4GA1UEChMHQWRub3Z1bTEXMBUGA1UEAxMOYml0ZWlhbS1yb290Q0EwHhcNMjAw\nMzA1MTYzMDAwWhcNMzAwMzAzMTYzMDAwWjA0MQswCQYDVQQGEwJjaDEQMA4GA1UE\nChMHQWRub3Z1bTETMBEGA1UEAxMKc2lnbmVyRkVEUzCCASIwDQYJKoZIhvcNAQEB\nBQADggEPADCCAQoCggEBAJoWqbsYhNXW0mDsDJPAiTN896e4QML9qnt7FIhVKKe3\nT66lT/nfOkFPUZuKejgbjFFDEDChRJf0Achq7lWGKPrNPnrTxZmU7Bcu86BER76L\n4kDcGF/x03W9fgUgQ7X45CXYeq4vqfpzNC+lkZA1OxbpcXZA/4Z39Z3pm7CWXnAg\nv6nFABKJ9kVAyhuPyb5yIuGHcdLL+068aVp5sxY/6HoXf889+iVFDgTwSXVYKMyZ\nnZbvvd/IIod4WuiXsOspPS9yj+E9yMvtsUtChghcQ17ubo7S1P8JxAQWXngopH8Y\nnDeOiesJfR2APDdg7EXWYewARSFr10GxuXoKDjLe148CAwEAAaOCAS8wggErMAkG\nA1UdEwQCMAAwPwYJYIZIAYb4QgENBDIWME5ldmlzIEtleUJveCBHZW5lcmF0ZWQg\nQ2VydGlmaWNhdGUgdXNpbmcgT3BlblNTTDALBgNVHQ8EBAMCA6gwHQYDVR0lBBYw\nFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ4zYpzY1lB5/bKeg3z1kJO\nkkdYgDBoBgNVHSMEYTBfgBRRdKau0TH9VQ0E8ob0J+WyYkcs4aE8pDowODELMAkG\nA1UEBhMCY2gxEDAOBgNVBAoTB0Fkbm92dW0xFzAVBgNVBAMTDmJpdGVpYW0tcm9v\ndENBggkA+97eIJWmttcwEQYJYIZIAYb4QgEBBAQDAgbAMBUGA1UdEQQOMAyCCnNp\nZ25lckZFRFMwDQYJKoZIhvcNAQELBQADggEBAHGHJ7DzRNdPl6Kiy4rCoQR/nhTa\nVbBsAeB070NpWma2iun3Wf5zIoefbSlPoofP4tOVYUoKtMHTWCYAUnHIEg5H985y\nYm2MFY0vwgMZ+Jvcs7NCHzK9O/tN+uUjkFNLSCfzTb+K9vyF6lj4L4lQWa5++DZ6\nkWPaDWvwY/NOSoIehmJupmcJlA1qxzlTc+659xoOk1WyhusNkuiOUjFrLQ+tgRnD\n7dGuzJQyBV1Iy/A4IhpN2ootVgrI7NMJ2YetCq7yuipRZka3RoeVhUs8CWFfYRtc\nsaTCck7atYyMVlPUf03EppC18ILBmbNzYJ58KT2oQywa7+Sdsqx4+5cOOOU=\n-----END CERTIFICATE-----\n"


@ -0,0 +1,63 @@
apiVersion: "operator.nevis-security.ch/v1"
kind: "NevisComponent"
metadata:
name: "auth-v1"
namespace: "adn-agov-nevisidm-admin-01-uat"
labels:
deploymentTarget: "auth-v1"
annotations:
projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
patternId: "ac27dd7daad0ca2b7229bfaf"
spec:
type: "NevisAuth"
replicas: 1
version: "8.2405.2"
gitInitVersion: "1.3.0"
runAsNonRoot: true
ports:
management: 9000
soap: 8991
resources:
limits:
cpu: "2"
memory: "2000Mi"
requests:
cpu: "20m"
memory: "1000Mi"
livenessProbe:
soap:
tcpSocket: true
periodSeconds: 5
timeoutSeconds: 4
readinessProbe:
management:
httpGet:
path: "/nevisauth/liveness"
periodSeconds: 5
timeoutSeconds: 6
startupProbe:
management:
httpGet:
path: "/nevisauth/liveness"
periodSeconds: 5
timeoutSeconds: 6
failureThreshold: 50
podDisruptionBudget:
maxUnavailable: "50%"
git:
tag: "r-29c1b415348a6c1b8b32c65f6f40449f8c7765b0"
dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/auth-v1"
credentials: "git-credentials"
keystores:
- "auth-v1-default-identity"
- "auth-sh4r3d-nevisidm-sectoken-signer"
truststores:
- "auth-v1-default-tls-client-trust"
- "auth-v1-default-tls-trust"
- "auth-v1-saml-idp-admin-connector-trust-store"
- "auth-v1-saml-idp-op-connector-trust-store"
- "auth-v1-default-default-signer-trust"
podSecurity:
policy: "baseline"
automountServiceAccountToken: false
timeZone: "Europe/Zurich"
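Review bot: `replicas: 1` together with `podDisruptionBudget.maxUnavailable: "50%"` gives the authentication service no eviction protection, assuming the operator maps this to a standard PodDisruptionBudget: Kubernetes rounds the percentage up, so the only pod may be drained and logins fail until it is back. Either run at least two replicas or state in a comment that the outage during node maintenance is accepted for this UAT namespace. In `readinessProbe` and `startupProbe`, `timeoutSeconds: 6` exceeds `periodSeconds: 5`; a timeout at or below the period is the usual setting. `podSecurity.policy: "baseline"` deserves a short comment on why `restricted` is not used (if the operator supports it), since `runAsNonRoot: true` and `automountServiceAccountToken: false` are already set.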


@ -0,0 +1,18 @@
schemaVersion: 1.0
instance:
type: "nevisauth"
name: "default"
directory: "/var/opt/nevisauth/default"
pid: "systemctl show nevisauth@default -p MainPID | cut -d '=' -f2"
source:
url: "/nevisadmin/#/projects/DEFAULT-ADN-AGOV-ADMIN-PROJECT/patterns/ac27dd7daad0ca2b7229bfaf"
projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
patternId: "ac27dd7daad0ca2b7229bfaf"
patternClass: "ch.nevis.admin.v4.plugin.nevisauth.patterns.NevisAuthDeployable"
resources:
ports:
- "0.0.0.0:8991"
control:
start: "systemctl restart nevisauth@default &"
stop: "systemctl stop nevisauth@default"
status: "systemctl status nevisauth@default"


@ -0,0 +1,32 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----


@ -0,0 +1,54 @@
-----BEGIN ENCRYPTED PRIVATE KEY-----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-----END ENCRYPTED PRIVATE KEY-----


@ -0,0 +1,2 @@
#!/bin/bash
echo 'RkygGwc8Ixv0xWxH7+EB1FeoE2Ako1Loj63V+fDcsQ='
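Review bot: This script prints a hard-coded secret and is committed alongside the `ENCRYPTED PRIVATE KEY` files in the neighbouring sections. If it is the passphrase helper for those keys (it looks like one, though the file names are not visible on this page), the key encryption protects nothing from anyone who can read the repository or its history. The value should be supplied at runtime from a secret store or a mounted Kubernetes Secret, for example `cat "$KEY_PASSPHRASE_FILE"`, where the variable name is a placeholder for a path injected by the deployment. Because the value is now in version control, the affected key pair should be treated as exposed and re-issued rather than only removed in a follow-up commit.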


@ -0,0 +1,87 @@
-----BEGIN ENCRYPTED PRIVATE KEY-----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-----END ENCRYPTED PRIVATE KEY-----
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----


@ -0,0 +1,252 @@
accept.button.label=Accept
cancel.button.label=Cancel
continue.button.label=Continue
darkModeSwitch.aria.label=Dark mode toggle
deputy.profile.label=(Deputy Profile)
error.saml.failed=Please close your browser and try again.
error_1=Please check your input.
error_10=Please select the correct user account.
error_100=Certificate upload not possible. Certificate already exists. Please contact your helpdesk.
error_101=The entered email address is not valid.
error_11=Please use another certficate or login with another credential type.
error_2=Please select another login name.
error_3=Your account will be locked if next authentication fails.
error_4=Your new password does not comply with the security policy. Please choose a different password.
error_5=Error in password confirmation.
error_50=The new password is too short.
error_55=The new password has to differ from old passwords.
error_6=Password change required.
error_7=Change of login ID required.
error_8=Your account has been locked due to repeated authentication failures.
error_81=No access card found, access from internet denied.
error_83=Your access card is no longer valid. Please contact your advisor to get a new access card.
error_9=Session take over failed.
error_97=You are not authorized to access this resource.
error_98=Your account has been locked.
error_99=System problems. Please try later.
error_9901=You need a valid on-boarding link to access this page.
error_9902=The email used for authentication doesn't match the expected one in operations. Please ask for a new on-boarding link.
error_9903=The used IdP didn't send us a valid assertion. Please make sure, you use the correct IdP. Ask the support for a new on-boarding link.
error_9904=Your link is not valid anymore. Please make sure, that you are using the latest Link received from operations. Ask for a new link, if the problem persists.
error_9905=There is a problem with your operations account. Please contact the support.
error_9909=An internal error occured. Please ask the support for a new on-boarding link.
errors.duplicateValue=Your account is already linked with another operations access.
fido2_auth.cancel.fido=The security key authentication was interrupted. Please ensure your FIDO key is registered and your email is correct, then follow the steps below.
fido2_auth.instruction1=Click on "Continue"
fido2_auth.instruction2=An authentication window will appear
fido2_auth.instruction3=Follow the instructions
fido2_auth.skipInstructions=Skip instructions next time
fido2_auth.switchLogin=SWITCH TO LOGIN WITH
footer.link=https://agov.ch/?c=contact&l=en
footer.link.label=Contact
footer.text=Authentication service of Swiss authorities AGOV - a collaboration between cantons, their municipalities, and the federal administration. -
general.AGOVAccessApp=AGOV access app
general.accessApp=AGOV access app
general.authenticate=Authenticate
general.back=Back
general.cancel=Cancel
general.confirm=Confirm
general.contactSupport=Contact Support
general.continue=Continue
general.edit=Edit
general.email=Email
general.email.address=Email address
general.entryCode=Code entry
general.getStarted=Get started
general.goAGOVHelp=Go to AGOV help
general.goAccessApp=Login with AGOV access
general.help=Help
general.help.link=https://agov.ch/help
general.login=Login
general.loginSecurityKey=Start Security key login
general.or=OR
general.otherOptions=OTHER OPTIONS
general.recovery=Recovery
general.recoveryOngoing=Ongoing recovery
general.register=Register
general.registerNow=Register now!
general.registration=Registration
general.securityKey=Security key
general.skip.content=Skip to main content
generic.auth.error.message=There was a service interruption. We are working on it.
generic.auth.error.next.steps=Please try again later. Please consult AGOV help if the problem persists.
generic.auth.error.subtitle=Something went wrong
generic.auth.error.title=Error
info.logout.confirmation=Please confirm that you want to log out.
info.logout.reminder=Your session on this application has expired. Try again with a login.
info.oauth.consent=Do you want to authorise this application to access your data?
info.timeout.page=Your session on this application has expired. Try again with a login.
language.de=Deutsch
language.en=English
language.fr=Fran&ccedil;ais
language.it=Italiano
languageDropdown.aria.label=Select language
loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2 - 3 days.
loainfo.description.300=To access the application we need to verify your data through one of two processes. You can choose your preferred process in the next step.
loainfo.description.400=To access the application we need you to add your AHV Number (Swiss Social Security number).
loainfo.helper=Your data needs to be verified!
loainfo.later=Later
loainfo.startNow=Do you want to start the process now?
loainfo.startVerification=Start verification
loainfo.title=Verify your data
login.button.label=Login
logout.label=Logout
logout.text=You have successfully logged out.
mauth_usernameless.EID=Continue with CH E-ID
mauth_usernameless.banner.error=Authentication interrupted.<br>Please try again when the page reloads.
mauth_usernameless.banner.info=Scan successful.<br>Please continue in the AGOV access app.
mauth_usernameless.banner.success=Authentication successful!<br>Please wait to be logged in.
mauth_usernameless.cannotLogin=Lost access to your app / security key?
mauth_usernameless.hideQR=Hide QR code
mauth_usernameless.instructions=Log in by scanning the QR code with your AGOV access app
mauth_usernameless.noAccount=Don't have an AGOV-Login yet?
mauth_usernameless.showQR=Show QR code
mauth_usernameless.startRecovery=Start account recovery
mauth_usernameless.useSecurityKey=Use a security key to log in
mauth_usernameless.useSecurityKeyInfo=A physical security key offers a secure way to login without having to use a phone.
method.certificate.label=Certificate
method.fido.label=Mobile Authentication
method.fido2.label=FIDO 2
method.mtan.label=mTAN Code
method.oath.label=OATH Authenticator App
method.otp.label=OTP (One-Time Password)
method.recovery.label=Recovery Codes
method.safeword.label=SafeWord
method.securid.label=SecurID
method.ticket.label=Ticket
op-admin.login=AGOV op admin
op-admin.login.intro.message=Login with your username and password
op-admin.login.loginid=LoginId
op-admin.login.password=Passwort
op-admin.login.title=Login
op-admin.logout=AGOV op admin
op-admin.logout.message=You have successfully logged out.
op-admin.logout.title=Logout
op-admin.pwchange.intro.message=Password change required
op-admin.pwchange.newpassword=New password
op-admin.pwchange.newpassword2=Repeat new password
op-admin.pwchange.password=Current password
op-admin.pwchange.title=Password Change
op-idmlogin.role.accs-mgmt-idm=IDM accessrights management
op-idmlogin.role.accs-mgmt-nonidm=Accessrights management
op-idmlogin.role.idmcfg-mgmt=IDM set-up
op-idmlogin.role.readonly-access=Default access (readonly)
op-idmlogin.role.support-basic=Support cases (recovery, ...)
op-idmlogin.role.support-priv=3rd level support (archiving, off-boarding)
op-idmlogin.role.usr-mgmt=User management (operations)
op-idmlogin.role.usr-unit-mgmt=User and organization management (operations)
op-idmlogin.select=AGOV idm
op-idmlogin.select.intro=Please select one of the profiles below...
op-idmlogin.select.note=Profiles marked with a * should only be used if required for a specific support or release tasks.
op-idmlogin.select.title=Profile selection
op-onboarding.done.message=On-boarding was successfull. You can now use your AGOV operations access. Please close the browser, before accessing on of the operations application.
op-onboarding.done.title=DONE
op-onboarding.failed.title=ERROR
op-onboarding.intro.message1=To complete your on-boarding for your AGOV operations access, you need either an AGOV or a FED-LOGIN account.
op-onboarding.intro.message2=After clicking on "Continue", you will be redirected for authentication.
op-onboarding.intro.message3=If you are using AGOV, and your account doesn't meet yet the required AGOVaq level, you will be given the possibility to start the required ID verification.
op-onboarding.intro.title=START
op-onboarding.onboarding=AGOV op on-boarding
op-onboarding.process.message=During the processing something went wrong. Please contact AGOV support if necessary and ask also for a new on-boarding link.
outarg.lastLogin.never=Never
policyFailure.dictionary=&#9642; must not be taken from a dictionary.
policyFailure.history.History=&#9642; must be different from previously selected passwords.
policyFailure.regex.control=&#9642; cannot contain more than {0} control characters.
policyFailure.regex.lower=&#9642; must contain at least {0} lower case characters.
policyFailure.regex.maxCharacterRepetitions=&#9642; characters must not occur more than {0} time(s) consecutively.
policyFailure.regex.maxLength=&#9642; must be at most {0} characters long.
policyFailure.regex.minLength=&#9642; must be at least {0} characters long.
policyFailure.regex.nonAlnum=&#9642; must contain at least {0} non-alphanumeric characters.
policyFailure.regex.nonAscii=&#9642; cannot contain more than {0} non-ASCII characters.
policyFailure.regex.nonGraph=&#9642; cannot contain more than {0} non-printable characters.
policyFailure.regex.nonLetter=&#9642; must contain at least {0} non-letter characters.
policyFailure.regex.numeric=&#9642; must contain at least {0} numeric characters.
policyFailure.regex.upper=&#9642; must contain at least {0} upper case characters.
policyInfo.dictionary=&#9642; must not be taken from a dictionary.
policyInfo.history.History=&#9642; must be different from previously selected passwords.
policyInfo.regex.control=&#9642; cannot contain more than {0} control characters.
policyInfo.regex.lower=&#9642; must contain at least {0} lower case characters.
policyInfo.regex.maxCharacterRepetitions=&#9642; characters must not occur more than {0} time(s) consecutively.
policyInfo.regex.maxLength=&#9642; must be at most {0} characters long.
policyInfo.regex.minLength=&#9642; must be at least {0} characters long.
policyInfo.regex.nonAlnum=&#9642; must contain at least {0} non-alphanumeric characters.
policyInfo.regex.nonAscii=&#9642; cannot contain more than {0} non-ASCII characters.
policyInfo.regex.nonGraph=&#9642; cannot contain more than {0} non-printable characters.
policyInfo.regex.nonLetter=&#9642; must contain at least {0} non-letter characters.
policyInfo.regex.numeric=&#9642; must contain at least {0} numeric characters.
policyInfo.regex.upper=&#9642; must contain at least {0} upper case characters.
policyInfo.title=The password has to comply with the following password policy:
recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
recovery_check_code.enterRecoveryCode=Enter recovery code
recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
recovery_check_code.invalid.code=The code is invalid
recovery_check_code.invalid.code.required=Code required
recovery_check_code.invalid.code.tooLong=The code is too long
recovery_check_code.noAccess=I do not have access to my code
recovery_check_code.noCodeAccess=Are you sure you don't have access to your recovery code?
recovery_check_code.noCodeAccessInstructions=If you have lost access to your recovery code please go to AGOV help in order to contact a AGOV support agent. They will be able to help you with the recovery process.
recovery_check_noCode.banner.error=Too many attempts or your recovery code has expired.
recovery_check_noCode.instruction1=The recovery code you have entered might have expired or you might have tried to enter it too many times.
recovery_check_noCode.instruction2=Please go to AGOV help in order to contact a support agent. They will be able to help you with the recovery process.
recovery_code.banner.error=Please reveal your new code to be able to continue.
recovery_code.instruction=Recovery codes help you gain access to your account in case you lost all of your login factors. Please store the recovery code in a safe place.
recovery_code.newRecoveryCode=Introducing Recovery Code
recovery_code.validUntil=Valid until:
recovery_fidokey_auth.button=Start key authentication
recovery_fidokey_auth.fidoInstruction=Click on "Start key authentication"
recovery_fidokey_auth.instruction1=You have already registered a new security key !!!SECURITY_KEY_NAME!!! as part of the recovery process.
recovery_fidokey_auth.instruction2=Please use !!!SECURITY_KEY_NAME!!! to follow the steps below to identify you.
recovery_fidokey_auth.keyRegistered=Security key already registered
recovery_intro_email.banner.error=The link you used has expired. Please enter your email address to receive a new link.
recovery_intro_email.banner.info=Please enter your email address, so we can send you a link to start the recovery process.
recovery_intro_email.important=Important:
recovery_intro_email.process=The recovery process should only be used if you have lost access to your login factors (deleted AGOV access app, lost security key, lost phone, etc.).
recovery_intro_email_sent.banner.button=Didn't receive the email?
recovery_intro_email_sent.banner.success=Thank you! You will receive an email with a recovery link and instructions shortly.
recovery_on_going.finishRecovery=Finish recovery
recovery_on_going.instruction=You have an ongoing recovery process. Part of the recovery process can include an identity verification. To access applications with your AGOV-Login you need to finish the identity verification as well.
recovery_on_going.title=Please finish your recovery process.
recovery_questionnaire_instructions.banner.info=Please note that in certain cases you need access to your recovery code for a successful recovery.
recovery_questionnaire_instructions.explanation=Based on your answers an AGOV-Login recovery seems to be necessary. Please click on continue and follow the instructions on the screen.
recovery_questionnaire_instructions.instruction1=Provide your account email address so we can send you a link to begin the recovery process
recovery_questionnaire_instructions.instruction2=Follow steps to recover your account (steps will vary depending on your account verification level)
recovery_questionnaire_loginfactor.banner.error=Please select an answer.
recovery_questionnaire_loginfactor.no=No
recovery_questionnaire_loginfactor.question=Have you registered more than one login factor (AGOV access app or security key) to your account?
recovery_questionnaire_loginfactor.yes=Yes
recovery_questionnaire_no_recovery.explanation1=Based on your answers, the AGOV recovery option does not seem necessary right now.
recovery_questionnaire_no_recovery.explanation2=Should you need further information, please visit <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> for support articles.
recovery_questionnaire_no_recovery.instruction1=If you have issues logging in to an application, please visit <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> and test if you can log in successfully.
recovery_questionnaire_no_recovery.instruction2=If you have several login factors registered but lost access to one of them, please visit <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> to remove the one you have lost access to.
recovery_questionnaire_reason_selection.answer1=I have trouble logging in, even though I have my app / security key
recovery_questionnaire_reason_selection.answer10=I lost one of my login factors (AGOV access app or security key)
recovery_questionnaire_reason_selection.answer2=I was unable to finish my registration
recovery_questionnaire_reason_selection.answer3=I have deleted or reset my AGOV access app
recovery_questionnaire_reason_selection.answer4=I have lost my phone / security key
recovery_questionnaire_reason_selection.answer5=I have a new phone and forgot to transfer my AGOV access app
recovery_questionnaire_reason_selection.answer6=I forgot my PIN for the AGOV access app
recovery_questionnaire_reason_selection.answer7=I have my security keys or apps but had trouble logging in
recovery_questionnaire_reason_selection.answer8=I lost access to all my security keys and AGOV access apps
recovery_questionnaire_reason_selection.answer9=I have issues with one of my login factors (deleted, reset, forgotten PIN)
recovery_questionnaire_reason_selection.banner.error=Please select a reason.
recovery_questionnaire_reason_selection.instruction=Please select the reason you are starting the recovery process:
recovery_start_info.banner.warning=You will not be able to use your account until the recovery process has been concluded.
recovery_start_info.instruction=During the recovery process you will register a new login factor. If your account contains any verified information you might also have to go through a verification process to finish the recovery.
recovery_start_info.title=You are about to start the recovery process
reject.button.label=Deny
submit.button.label=Submit
tan.sent=Please enter the security code which has been sent to your mobile phone.
title.login=Login
title.logout=Logout
title.logout.confirmation=Logout
title.logout.reminder=Logout
title.oauth.consent=Client Authorization
title.saml.failed=Error
title.timeout.page=Logout
user_input.invalid.email=Please enter a valid email address
user_input.invalid.email.required=Field required
user_input.invalid.email.tooLong=Input is too long


@ -0,0 +1,252 @@
accept.button.label=Akzeptieren
cancel.button.label=Abbrechen
continue.button.label=Weiter
darkModeSwitch.aria.label=Dark-Mode-Schalter
deputy.profile.label=(Profil Stellvertreter)
error.saml.failed=Bitte schliessen Sie Ihren Browser und versuchen Sie es erneut.
error_1=Bitte &uuml;berpr&uuml;fen Sie Ihre Eingaben.
error_10=Bitte w&auml;hlen Sie das richtige Benutzerkonto aus.
error_100=Zertifikat-Upload nicht m&ouml;glich. Das Zertifikat existiert bereits. Wenden Sie sich an Ihr Helpdesk.
error_101=Die eingegebene E-Mail-Adresse ist ung&uuml;ltig.
error_11=Bitte verwenden Sie ein anderes Zertifikat oder melden Sie sich mit einer anderen Art von Credential an.
error_2=Bitte w&auml;hlen Sie einen anderen Login-Namen.
error_3=Wenn die n&auml;chste Authentifizierung fehlschl&auml;gt, wird Ihr Konto gesperrt.
error_4=Ihr neues Passwort verst&ouml;sst gegen die Sicherheitsrichtlinien. Bitte w&auml;hlen Sie ein anderes Passwort.
error_5=Fehler bei der Passwortbest&auml;tigung.
error_50=Das neue Passwort ist zu kurz.
error_55=Das neue Passwort muss sich von alten Passw&ouml;rtern unterscheiden.
error_6=Passwort&auml;nderung erforderlich.
error_7=&Auml;nderung der Login-ID erforderlich.
error_8=Ihr Konto wurde aufgrund wiederholter fehlgeschlagener Authentifizierungsversuche gesperrt.
error_81=Keine Zugangskarte gefunden, Zugang &uuml;ber das Internet verweigert.
error_83=Ihre Zugangskarte ist nicht mehr g&uuml;ltig. Bitte wenden Sie sich an Ihre Beratungsperson, um eine neue Zugangskarte zu erhalten.
error_9=&Uuml;bernahme der Sitzung fehlgeschlagen.
error_97=Sie sind nicht berechtigt, auf diese Ressource zuzugreifen.
error_98=Ihr Konto wurde gesperrt.
error_99=Systemprobleme: Bitte versuchen Sie es sp&auml;ter noch einmal.
error_9901=Sie ben&ouml;tigen einen g&uuml;ltigen Onboarding-Link, um auf diese Seite zuzugreifen.
error_9902=Die f&uuml;r die Authentifizierung verwendete E-Mail-Adresse stimmt nicht mit der erwarteten E-Mail-Adresse in Operations &uuml;berein. Bitte fordern Sie einen neuen Onboarding-Link an.
error_9903=Der verwendete IdP hat uns keine g&uuml;ltige Assertion gesendet. Bitte stellen Sie sicher, dass Sie den richtigen IdP verwenden. Fordern Sie beim Support einen neuen Onboarding-Link an.
error_9904=Ihr Link ist nicht mehr g&uuml;ltig. Bitte stellen Sie sicher, dass Sie den neuesten Link verwenden, den Sie von Operations erhalten haben. Fordern Sie einen neuen Link an, falls das Problem weiterhin besteht.
error_9905=Es gibt ein Problem mit Ihrem Operations-Konto. Kontaktieren Sie bitte den Support.
error_9909=Es ist ein interner Fehler aufgetreten. Bitten Sie den Support um einen neuen Onboarding-Link.
errors.duplicateValue=Ihr Konto ist bereits mit einem anderen Operations-Zugang verkn&uuml;pft.
fido2_auth.cancel.fido=Die Authentifizierung mit dem Sicherheitsschl&uuml;ssel wurde unterbrochen. Bitte vergewissern Sie sich, dass Ihr FIDO-Schl&uuml;ssel registriert ist und Ihre E-Mail korrekt ist.
fido2_auth.instruction1=Klicken Sie auf "Weiter"
fido2_auth.instruction2=Ein Authentifizierungsfenster wird erscheinen
fido2_auth.instruction3=Folgen Sie den Anweisungen
fido2_auth.skipInstructions=Anweisungen n&auml;chstes Mal &uuml;berspringen
fido2_auth.switchLogin=WECHSEL ZU LOGIN MIT
footer.link=https://agov.ch/?c=contact&l=de
footer.link.label=Kontakt
footer.text=Authentifizierungsdienst der Schweizer Beh&ouml;rden AGOV &ndash; eine Zusammenarbeit zwischen den Kantonen, deren Gemeinden und der Bundesverwaltung. -
general.AGOVAccessApp=AGOV access App
general.accessApp=AGOV access App
general.authenticate=Authentifizieren
general.back=Zur&uuml;ck
general.cancel=Abbrechen
general.confirm=Best&auml;tigen
general.contactSupport=Support kontaktieren
general.continue=Weiter
general.edit=&Auml;ndern
general.email=E-Mail
general.email.address=E-Mailadresse
general.entryCode=Code-Eingabe
general.getStarted=Get started
general.goAGOVHelp=Weiter zur AGOV help
general.goAccessApp=Login mit AGOV access
general.help=Hilfe
general.help.link=https://agov.ch/help
general.login=Login
general.loginSecurityKey=Sicherheitsschl&uuml;ssel-Login starten
general.or=ODER
general.otherOptions=WEITERE OPTIONEN
general.recovery=Wiederherstellung
general.recoveryOngoing=Wiederherstellung nicht abgeschlossen
general.register=Registrieren
general.registerNow=Jetzt registrieren!
general.registration=Registrierung
general.securityKey=Sicherheitsschl&uuml;ssel
general.skip.content=Direkt zum Hauptteil
generic.auth.error.message=Es gab eine Service-Unterbrechung. Wir arbeiten daran.
generic.auth.error.next.steps=Versuchen Sie es bitte sp&auml;ter noch einmal. Bitte besuchen Sie die AGOV-Hilfe, wenn das Problem weiterhin besteht.
generic.auth.error.subtitle=Etwas ist schiefgegangen
generic.auth.error.title=Fehler
info.logout.confirmation=Bitte best&auml;tigen Sie, dass Sie sich abmelden m&ouml;chten.
info.logout.reminder=Ihre Session ist auf dieser Applikation abgelaufen. Versuchen Sie es nochmals mit einem Login.
info.oauth.consent=Wollen Sie der Anwendung den Zugriff erlauben?
info.timeout.page=Ihre Session ist auf dieser Applikation abgelaufen. Versuchen Sie es nochmals mit einem Login.
language.de=Deutsch
language.en=English
language.fr=Fran&ccedil;ais
language.it=Italiano
languageDropdown.aria.label=Sprache w&auml;hlen
loainfo.description.200=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben verifizieren. Der Vorgang kann bis zu 2 - 3 Tage dauern.
loainfo.description.300=Um auf diese Applikation zuzugreifen, m&uuml;ssen wir Ihre Angaben durch einen von zwei Vorg&auml;ngen verifizieren. Sie k&ouml;nnen die bevorzugte Methode im n&auml;chsten Schritt ausw&auml;hlen.
loainfo.description.400=F&uuml;r den Zugang zu dieser Anwendung m&uuml;ssen Sie Ihre AHV-Nummer angeben.
loainfo.helper=Ihre pers&ouml;nlichen Daten m&uuml;ssen &uuml;berpr&uuml;ft werden!
loainfo.later=Sp&auml;ter
loainfo.startNow=M&ouml;chten Sie den Prozess jetzt starten?
loainfo.startVerification=Verifikation starten
loainfo.title=Verifizieren Sie Ihre Daten
login.button.label=Login
logout.label=Logout
logout.text=Sie haben sich erfolgreich abgemeldet.
mauth_usernameless.EID=Mit Schweizer E-ID fortfahren
mauth_usernameless.banner.error=Authentifizierung unterbrochen.<br>Bitte versuchen Sie es erneut, nachdem die Seite neu geladen wurde.
mauth_usernameless.banner.info=Scan erfolgreich.<br>Bitte fahren Sie in der AGOV access App fort.
mauth_usernameless.banner.success=Authentifizierung erfolgreich!<br>Bitte warten Sie, bis Sie eingeloggt werden.
mauth_usernameless.cannotLogin=Zugriff auf App / Sicherheitsschl&uuml;ssel verloren?
mauth_usernameless.hideQR=QR-Code ausblenden
mauth_usernameless.instructions=Melden Sie sich an, indem Sie den QR-Code mit Ihrer AGOV access App scannen
mauth_usernameless.noAccount=Haben Sie noch kein AGOV-Login?
mauth_usernameless.showQR=QR-Code anzeigen
mauth_usernameless.startRecovery=Kontowiederherstellung starten
mauth_usernameless.useSecurityKey=Verwenden Sie einen Sicherheitsschl&uuml;ssel, um sich anzumelden
mauth_usernameless.useSecurityKeyInfo=Ein physischer Sicherheitsschl&uuml;ssel bietet eine sichere M&ouml;glichkeit, sich ohne Telefon anzumelden.
method.certificate.label=Zertifikat
method.fido.label=Mobile Authentication
method.fido2.label=FIDO 2
method.mtan.label=mTAN-Code
method.oath.label=OATH Authenticator-App
method.otp.label=OTP (One-Time Passwort)
method.recovery.label=Wiederherstellungscodes
method.safeword.label=SafeWord
method.securid.label=SecurID
method.ticket.label=Ticket
op-admin.login=AGOV-op-Admin
op-admin.login.intro.message=Login mit Ihrem Benutzernamen und Passwort
op-admin.login.loginid=LoginID
op-admin.login.password=Passwort
op-admin.login.title=Login
op-admin.logout=AGOV-op-Admin
op-admin.logout.message=Sie haben sich erfolgreich ausgeloggt.
op-admin.logout.title=Logout
op-admin.pwchange.intro.message=Passwort&auml;nderung erforderlich
op-admin.pwchange.newpassword=Neues Passwort
op-admin.pwchange.newpassword2=Neues Passwort wiederholen
op-admin.pwchange.password=Aktuelles Passwort
op-admin.pwchange.title=&Auml;nderung des Passworts
op-idmlogin.role.accs-mgmt-idm=IDM accessrights management
op-idmlogin.role.accs-mgmt-nonidm=Accessrights management
op-idmlogin.role.idmcfg-mgmt=IDM set-up
op-idmlogin.role.readonly-access=Standardzugriff (Nur Leseberechtigung)
op-idmlogin.role.support-basic=Supportf&auml;lle (Wiederherstellung, ...)
op-idmlogin.role.support-priv=3rd Level Support (Archivierung, Abmeldungen, ...)
op-idmlogin.role.usr-mgmt=Benutzerverwaltung (Betrieb)
op-idmlogin.role.usr-unit-mgmt=Benutzer- und Organisationsverwaltung (Betrieb)
op-idmlogin.select=AGOV idm
op-idmlogin.select.intro=Bitte w&auml;hlen Sie ein Profil aus...
op-idmlogin.select.note=Mit * markierte Profile sollten nur f&uuml;r bestimmte Support oder Release Aufgaben genutzt werden.
op-idmlogin.select.title=Profilauswahl
op-onboarding.done.message=Das Onboarding war erfolgreich. Sie k&ouml;nnen nun Ihren AGOV-Operations-Zugang verwenden. Bitte schliessen Sie den Browser, bevor Sie auf eine der Operations-Applikationen zugreifen.
op-onboarding.done.title=FERTIG
op-onboarding.failed.title=FEHLER
op-onboarding.intro.message1=Um das Onboarding f&uuml;r Ihren AGOV-Operations-Zugang abzuschliessen, ben&ouml;tigen Sie entweder ein AGOV- oder ein FED-LOGIN-Konto.
op-onboarding.intro.message2=Wenn Sie auf &laquo;Weiter&raquo; klicken, werden Sie zur Authentifizierung weitergeleitet.
op-onboarding.intro.message3=Wenn Sie AGOV verwenden und Ihr Konto noch nicht der erforderlichen AGOVaq-Stufe entspricht, erhalten Sie die M&ouml;glichkeit, die erforderliche Identit&auml;tspr&uuml;fung zu starten.
op-onboarding.intro.title=START
op-onboarding.onboarding=AGOV-op-Onboarding
op-onboarding.process.message=Bei der Bearbeitung ist etwas schiefgegangen. Wenden Sie sich wenn n&ouml;tig an den AGOV-Support und fordern Sie einen neuen Onboarding-Link an.
outarg.lastLogin.never=Nie
policyFailure.dictionary=&#9642; darf nicht aus einem W&ouml;rterbuch stammen.
policyFailure.history.History=&#9642; muss sich von vorhergehenden Passw&ouml;rtern unterscheiden.
policyFailure.regex.control=&#9642; darf h&ouml;chstens {0} Kontrollzeichen enthalten.
policyFailure.regex.lower=&#9642; muss {0} Kleinbuchstaben enthalten.
policyFailure.regex.maxCharacterRepetitions=&#9642; darf nicht eine Sequenz l&auml;nger als {0} des gleichen Zeichens enthalten.
policyFailure.regex.maxLength=L&auml;nge des Passwortes darf h&ouml;chstens {0} sein.
policyFailure.regex.minLength=L&auml;nge des Passwortes muss mindestens {0} sein.
policyFailure.regex.nonAlnum=&#9642; muss {0} nicht-alphanumerische Zeichen enthalten.
policyFailure.regex.nonAscii=&#9642; darf h&ouml;chstens {0} Zeichen ausserhalb des ASCII-Zeichensatzes enthalten.
policyFailure.regex.nonGraph=&#9642; darf h&ouml;chstens {0} nicht-druckende Zeichen enthalten.
policyFailure.regex.nonLetter=&#9642; muss {0} Zeichen enthalten, die keine Buchstaben sind.
policyFailure.regex.numeric=&#9642; muss {0} numerische Zeichen enthalten.
policyFailure.regex.upper=&#9642; muss {0} Grossbuchstaben enthalten.
policyInfo.dictionary=&#9642; darf nicht aus einem W&ouml;rterbuch stammen.
policyInfo.history.History=&#9642; darf keines der zuletzt verwendeten Passw&ouml;rtern sein.
policyInfo.regex.control=&#9642; darf h&ouml;chstens {0} Kontrollzeichen enthalten.
policyInfo.regex.lower=&#9642; muss mindestens {0} Kleinbuchstaben enthalten.
policyInfo.regex.maxCharacterRepetitions=&#9642; darf nicht eine Sequenz l&auml;nger als {0} des gleichen Zeichens enthalten.
policyInfo.regex.maxLength=&#9642; darf h&ouml;chstens {0} Zeichen enthalten.
policyInfo.regex.minLength=&#9642; muss mindestens {0} Zeichen enthalten.
policyInfo.regex.nonAlnum=&#9642; muss mindestens {0} Zeichen enthalten, die nicht Alphanumerisch sind.
policyInfo.regex.nonAscii=&#9642; darf h&ouml;chstens {0} Zeichen ausserhalb des ASCII-Zeichensatzes enthalten.
policyInfo.regex.nonGraph=&#9642; darf h&ouml;chstens {0} nicht-druckende Zeichen enthalten.
policyInfo.regex.nonLetter=&#9642; muss mindestens {0} Zeichen enthalten, die keine Buchstaben sind.
policyInfo.regex.numeric=&#9642; muss mindestens {0} numerische Zeichen enthalten.
policyInfo.regex.upper=&#9642; muss mindestens {0} Grossbuchstaben enthalten.
policyInfo.title=Das Passwort muss den folgenden Passwort-Richtlinien entsprechen:
recovery_accessapp_auth.accessAppRegistered=AGOV access app schon registriert
recovery_accessapp_auth.instruction1=Sie haben bereits eine neue AGOV access App !!!ACCESS_APP_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
recovery_accessapp_auth.instruction2=Verwenden Sie !!!ACCESS_APP_NAME!!! um Sie zu identifizieren.
recovery_check_code.codeIncorrect=Der eingegebene Code ist nicht korrekt. Bitte versuchen Sie es erneut.
recovery_check_code.enterRecoveryCode=Wiederherstellungscode eingeben
recovery_check_code.instruction=Bitte geben Sie unten Ihren pers&ouml;nlichen 12-stelligen Wiederherstellungscode ein. Sie haben den Wiederherstellungscode in einer PDF-Datei bei der Registrierung oder in AGOV me erhalten.
recovery_check_code.invalid.code=Code ist ung&uuml;ltig
recovery_check_code.invalid.code.required=Code erforderlich
recovery_check_code.invalid.code.tooLong=Eingegebener Code ist zu lang
recovery_check_code.noAccess=Ich kann auf meinen Code nicht zugreifen
recovery_check_code.noCodeAccess=Sind Sie sicher, dass Sie auf Ihren Wiederherstellungscode nicht zugreifen k&ouml;nnen?
recovery_check_code.noCodeAccessInstructions=Wenn Sie auf Ihren Wiederherstellungscode nicht mehr zugreifen k&ouml;nnen, gehen Sie bitte zur AGOV-Hilfe, um jemanden vom AGOV-Support zu kontaktieren. Die Person wird Sie beim Wiederherstellungsprozess unterst&uuml;tzen.
recovery_check_noCode.banner.error=Zu viele Versuche oder Ihr Wiederherstellungscode ist abgelaufen.
recovery_check_noCode.instruction1=Der von Ihnen eingegebene Wiederherstellungscode ist m&ouml;glicherweise abgelaufen oder Sie haben zu oft versucht, einen Code einzugeben.
recovery_check_noCode.instruction2=Gehen Sie bitte zur AGOV-Hilfe, um jemanden vom Support zu kontaktieren. Die Person wird Sie beim Wiederherstellungsprozess unterst&uuml;tzen.
recovery_code.banner.error=Bitte enth&uuml;llen Sie den Code, um fortfahren zu k&ouml;nnen.
recovery_code.instruction=Der Wiederherstellungscode hilft Ihnen, Zugriff auf Ihr AGOV-Login zu erhalten, falls Sie alle Ihre Login-Faktoren verloren haben. Bitte bewahren Sie den Wiederherstellungscode an einem sicheren Ort auf.
recovery_code.newRecoveryCode=Einf&uuml;hrung von Wiederherstellungscode
recovery_code.validUntil=G&uuml;ltig bis:
recovery_fidokey_auth.button=Schl&uuml;sselauthentifizierung starten
recovery_fidokey_auth.fidoInstruction=Klicken Sie auf "Schl&uuml;sselauthentifizierung starten"
recovery_fidokey_auth.instruction1=Sie haben bereits einen neuen Sicherheitsschl&uuml;ssel !!!SECURITY_KEY_NAME!!! im Rahmen des Wiederherstellungsprozesses registriert.
recovery_fidokey_auth.instruction2=Bitte verwenden Sie !!!SECURITY_KEY_NAME!!! und befolgen Sie die untenstehenden Schritte, um Sie zu identifizieren.
recovery_fidokey_auth.keyRegistered=Sicherheitsschl&uuml;ssel schon registriert
recovery_intro_email.banner.error=Der von Ihnen verwendete Link ist abgelaufen. Bitte geben Sie Ihre E-Mail-Adresse ein, um einen neuen Link zu erhalten.
recovery_intro_email.banner.info=Bitte geben Sie Ihre E-Mail-Adresse ein, damit wir Ihnen einen Link schicken k&ouml;nnen, mit dem Sie den Wiederherstellungsprozess starten.
recovery_intro_email.important=Wichtig:
recovery_intro_email.process=Der Wiederherstellungsprozess sollte nur verwendet werden, wenn Sie den Zugriff auf Ihre Login-Faktoren verloren haben (gel&ouml;schte AGOV access App, verlorener Sicherheitsschl&uuml;ssel, verlorenes Telefon usw.).
recovery_intro_email_sent.banner.button=Keine E-Mail erhalten?
recovery_intro_email_sent.banner.success=Vielen Dank! Sie werden in K&uuml;rze eine E-Mail mit einem Wiederherstellungslink und Anweisungen erhalten.
recovery_on_going.finishRecovery=Wiederherstellung abschliessen
recovery_on_going.instruction=Sie haben einen laufenden Wiederherstellungsprozess. Der Wiederherstellungsprozess kann eine Identit&auml;tspr&uuml;fung umfassen. Um mit Ihrem AGOV-Login auf Applikationen zugreifen zu k&ouml;nnen, m&uuml;ssen Sie auch die Identit&auml;tspr&uuml;fung abschliessen.
recovery_on_going.title=Bitte schliessen Sie Ihren Wiederherstellungsprozess ab.
recovery_questionnaire_instructions.banner.info=Bitte beachten Sie, dass Sie in bestimmten F&auml;llen f&uuml;r eine erfolgreiche Wiederherstellung Zugang zu Ihrem Wiederherstellungscode ben&ouml;tigen.
recovery_questionnaire_instructions.explanation=Aufgrund Ihrer Antworten scheint eine Wiederherstellung Ihres AGOV-Logins erforderlich zu sein. Bitte klicken Sie auf Weiter und folgen Sie den Anweisungen auf dem Bildschirm.
recovery_questionnaire_instructions.instruction1=Geben Sie die E-Mail-Adresse Ihres AGOV-Logins an, damit wir Ihnen einen Link senden k&ouml;nnen, um den Wiederherstellungsprozess zu beginnen
recovery_questionnaire_instructions.instruction2=Folgen Sie den Schritten zur Wiederherstellung Ihres Kontos (die Schritte variieren je nach Verifizierungsstufe Ihres Kontos)
recovery_questionnaire_loginfactor.banner.error=Bitte w&auml;hlen Sie eine Antwort.
recovery_questionnaire_loginfactor.no=Nein
recovery_questionnaire_loginfactor.question=Haben Sie mehr als einen Loginfaktor (AGOV Access App oder Sicherheitsschl&uuml;ssel) f&uuml;r Ihren AGOV-Login registriert?
recovery_questionnaire_loginfactor.yes=Ja
recovery_questionnaire_no_recovery.explanation1=Ausgehend von Ihren Antworten scheint eine Wiederherstellung Ihres AGOV-Logins im Moment nicht notwendig zu sein.
recovery_questionnaire_no_recovery.explanation2=Falls Sie weitere Informationen ben&ouml;tigen, besuchen Sie bitte <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> f&uuml;r Support-Artikel.
recovery_questionnaire_no_recovery.instruction1=Wenn Sie Probleme haben, sich bei einer Anwendung anzumelden, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> und testen Sie, ob Sie sich erfolgreich anmelden k&ouml;nnen.
recovery_questionnaire_no_recovery.instruction2=Wenn Sie mehrere Loginfaktoren registriert haben, aber den Zugriff zu einem von ihnen verloren haben, besuchen Sie bitte <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a>, um den verlorenen Loginfaktor zu entfernen.
recovery_questionnaire_reason_selection.answer1=Ich habe Probleme mich anzumelden, obwohl ich meine App / meinen Sicherheitsschl&uuml;ssel habe
recovery_questionnaire_reason_selection.answer10=Ich habe einen meiner Loginfaktoren verloren (AGOV access App oder Sicherheitsschl&uuml;ssel)
recovery_questionnaire_reason_selection.answer2=Ich konnte meine Registrierung nicht abschliessen
recovery_questionnaire_reason_selection.answer3=Ich habe meine AGOV access App gel&ouml;scht oder zur&uuml;ckgesetzt
recovery_questionnaire_reason_selection.answer4=Ich habe mein Telefon / Sicherheitsschl&uuml;ssel verloren
recovery_questionnaire_reason_selection.answer5=Ich habe ein neues Telefon und habe vergessen, meine AGOV access App zu &uuml;bertragen
recovery_questionnaire_reason_selection.answer6=Ich habe die PIN f&uuml;r meine AGOV access App vergessen
recovery_questionnaire_reason_selection.answer7=Ich habe meine Sicherheitsschl&uuml;ssel oder AGOV access Apps, hatte aber Probleme beim Einloggen
recovery_questionnaire_reason_selection.answer8=Ich habe den Zugriff auf alle meine Sicherheitsschl&uuml;ssel und Apps verloren
recovery_questionnaire_reason_selection.answer9=Ich habe Probleme mit einem meiner Loginfaktoren (gel&ouml;scht, zur&uuml;ckgesetzt, vergessene PIN)
recovery_questionnaire_reason_selection.banner.error=Bitte w&auml;hlen Sie einen Grund aus.
recovery_questionnaire_reason_selection.instruction=Bitte w&auml;hlen Sie einen Grund wieso Sie den AGOV recovery Prozess starten:
recovery_start_info.banner.warning=Sie k&ouml;nnen Ihr Konto nicht nutzen, bis der Wiederherstellungsprozess abgeschlossen ist.
recovery_start_info.instruction=W&auml;hrend des Wiederherstellungsprozesses werden Sie einen neuen Login-Faktor registrieren. Wenn Ihr Konto verifizierte Informationen enth&auml;lt, m&uuml;ssen Sie zum Abschluss des Wiederherstellungsprozesses m&ouml;glicherweise auch einen Verifikationsprozess durchlaufen.
recovery_start_info.title=Sie sind dabei, den Wiederherstellungsprozess zu starten
reject.button.label=Ablehnen
submit.button.label=Senden
tan.sent=Bitte erfassen Sie den Sicherheitscode, welcher an Ihr Mobiltelefon gesendet wurde.
title.login=Login
title.logout=Logout
title.logout.confirmation=Logout
title.logout.reminder=Logout
title.oauth.consent=Client Authorisierung
title.saml.failed=Error
title.timeout.page=Logout
user_input.invalid.email=Bitte geben Sie eine g&uuml;ltige E-Mail ein
user_input.invalid.email.required=Erforderliches Feld
user_input.invalid.email.tooLong=Eingabe zu lang


@ -0,0 +1,252 @@
accept.button.label=Accept
cancel.button.label=Cancel
continue.button.label=Continue
darkModeSwitch.aria.label=Dark mode toggle
deputy.profile.label=(Deputy Profile)
error.saml.failed=Please close your browser and try again.
error_1=Please check your input.
error_10=Please select the correct user account.
error_100=Certificate upload not possible. Certificate already exists. Please contact your helpdesk.
error_101=The entered email address is not valid.
error_11=Please use another certficate or login with another credential type.
error_2=Please select another login name.
error_3=Your account will be locked if next authentication fails.
error_4=Your new password does not comply with the security policy. Please choose a different password.
error_5=Error in password confirmation.
error_50=The new password is too short.
error_55=The new password has to differ from old passwords.
error_6=Password change required.
error_7=Change of login ID required.
error_8=Your account has been locked due to repeated authentication failures.
error_81=No access card found, access from internet denied.
error_83=Your access card is no longer valid. Please contact your advisor to get a new access card.
error_9=Session take over failed.
error_97=You are not authorized to access this resource.
error_98=Your account has been locked.
error_99=System problems. Please try later.
error_9901=You need a valid on-boarding link to access this page.
error_9902=The email used for authentication doesn't match the expected one in operations. Please ask for a new on-boarding link.
error_9903=The used IdP didn't send us a valid assertion. Please make sure, you use the correct IdP. Ask the support for a new on-boarding link.
error_9904=Your link is not valid anymore. Please make sure, that you are using the latest Link received from operations. Ask for a new link, if the problem persists.
error_9905=There is a problem with your operations account. Please contact the support.
error_9909=An internal error occured. Please ask the support for a new on-boarding link.
errors.duplicateValue=Your account is already linked with another operations access.
fido2_auth.cancel.fido=The security key authentication was interrupted. Please ensure your FIDO key is registered and your email is correct, then follow the steps below.
fido2_auth.instruction1=Click on "Continue"
fido2_auth.instruction2=An authentication window will appear
fido2_auth.instruction3=Follow the instructions
fido2_auth.skipInstructions=Skip instructions next time
fido2_auth.switchLogin=SWITCH TO LOGIN WITH
footer.link=https://agov.ch/?c=contact&l=en
footer.link.label=Contact
footer.text=Authentication service of Swiss authorities AGOV - a collaboration between cantons, their municipalities, and the federal administration. -
general.AGOVAccessApp=AGOV access app
general.accessApp=AGOV access app
general.authenticate=Authenticate
general.back=Back
general.cancel=Cancel
general.confirm=Confirm
general.contactSupport=Contact Support
general.continue=Continue
general.edit=Edit
general.email=Email
general.email.address=Email address
general.entryCode=Code entry
general.getStarted=Get started
general.goAGOVHelp=Go to AGOV help
general.goAccessApp=Login with AGOV access
general.help=Help
general.help.link=https://agov.ch/help
general.login=Login
general.loginSecurityKey=Start Security key login
general.or=OR
general.otherOptions=OTHER OPTIONS
general.recovery=Recovery
general.recoveryOngoing=Ongoing recovery
general.register=Register
general.registerNow=Register now!
general.registration=Registration
general.securityKey=Security key
general.skip.content=Skip to main content
generic.auth.error.message=There was a service interruption. We are working on it.
generic.auth.error.next.steps=Please try again later. Please consult AGOV help if the problem persists.
generic.auth.error.subtitle=Something went wrong
generic.auth.error.title=Error
info.logout.confirmation=Please confirm that you want to log out.
info.logout.reminder=Your session on this application has expired. Try again with a login.
info.oauth.consent=Do you want to authorise this application to access your data?
info.timeout.page=Your session on this application has expired. Try again with a login.
language.de=Deutsch
language.en=English
language.fr=Fran&ccedil;ais
language.it=Italiano
languageDropdown.aria.label=Select language
loainfo.description.200=To access the application, we need to verify your data. The process can take up to 2 - 3 days.
loainfo.description.300=To access the application we need to verify your data through one of two processes. You can choose your preferred process in the next step.
loainfo.description.400=To access the application we need you to add your AHV Number (Swiss Social Security number).
loainfo.helper=Your data needs to be verified!
loainfo.later=Later
loainfo.startNow=Do you want to start the process now?
loainfo.startVerification=Start verification
loainfo.title=Verify your data
login.button.label=Login
logout.label=Logout
logout.text=You have successfully logged out.
mauth_usernameless.EID=Continue with CH E-ID
mauth_usernameless.banner.error=Authentication interrupted.<br>Please try again when the page reloads.
mauth_usernameless.banner.info=Scan successful.<br>Please continue in the AGOV access app.
mauth_usernameless.banner.success=Authentication successful!<br>Please wait to be logged in.
mauth_usernameless.cannotLogin=Lost access to your app / security key?
mauth_usernameless.hideQR=Hide QR code
mauth_usernameless.instructions=Log in by scanning the QR code with your AGOV access app
mauth_usernameless.noAccount=Don't have an AGOV-Login yet?
mauth_usernameless.showQR=Show QR code
mauth_usernameless.startRecovery=Start account recovery
mauth_usernameless.useSecurityKey=Use a security key to log in
mauth_usernameless.useSecurityKeyInfo=A physical security key offers a secure way to login without having to use a phone.
method.certificate.label=Certificate
method.fido.label=Mobile Authentication
method.fido2.label=FIDO 2
method.mtan.label=mTAN Code
method.oath.label=OATH Authenticator App
method.otp.label=OTP (One-Time Password)
method.recovery.label=Recovery Codes
method.safeword.label=SafeWord
method.securid.label=SecurID
method.ticket.label=Ticket
op-admin.login=AGOV op admin
op-admin.login.intro.message=Login with your username and password
op-admin.login.loginid=LoginId
op-admin.login.password=Passwort
op-admin.login.title=Login
op-admin.logout=AGOV op admin
op-admin.logout.message=You have successfully logged out.
op-admin.logout.title=Logout
op-admin.pwchange.intro.message=Password change required
op-admin.pwchange.newpassword=New password
op-admin.pwchange.newpassword2=Repeat new password
op-admin.pwchange.password=Current password
op-admin.pwchange.title=Password Change
op-idmlogin.role.accs-mgmt-idm=IDM accessrights management
op-idmlogin.role.accs-mgmt-nonidm=Accessrights management
op-idmlogin.role.idmcfg-mgmt=IDM set-up
op-idmlogin.role.readonly-access=Default access (readonly)
op-idmlogin.role.support-basic=Support cases (recovery, ...)
op-idmlogin.role.support-priv=3rd level support (archiving, off-boarding)
op-idmlogin.role.usr-mgmt=User management (operations)
op-idmlogin.role.usr-unit-mgmt=User and organization management (operations)
op-idmlogin.select=AGOV idm
op-idmlogin.select.intro=Please select one of the profiles below...
op-idmlogin.select.note=Profiles marked with a * should only be used if required for a specific support or release tasks.
op-idmlogin.select.title=Profile selection
op-onboarding.done.message=On-boarding was successfull. You can now use your AGOV operations access. Please close the browser, before accessing on of the operations application.
op-onboarding.done.title=DONE
op-onboarding.failed.title=ERROR
op-onboarding.intro.message1=To complete your on-boarding for your AGOV operations access, you need either an AGOV or a FED-LOGIN account.
op-onboarding.intro.message2=After clicking on "Continue", you will be redirected for authentication.
op-onboarding.intro.message3=If you are using AGOV, and your account doesn't meet yet the required AGOVaq level, you will be given the possibility to start the required ID verification.
op-onboarding.intro.title=START
op-onboarding.onboarding=AGOV op on-boarding
op-onboarding.process.message=During the processing something went wrong. Please contact AGOV support if necessary and ask also for a new on-boarding link.
outarg.lastLogin.never=Never
policyFailure.dictionary=&#9642; must not be taken from a dictionary.
policyFailure.history.History=&#9642; must be different from previously selected passwords.
policyFailure.regex.control=&#9642; cannot contain more than {0} control characters.
policyFailure.regex.lower=&#9642; must contain at least {0} lower case characters.
policyFailure.regex.maxCharacterRepetitions=&#9642; characters must not occur more than {0} time(s) consecutively.
policyFailure.regex.maxLength=&#9642; must be at most {0} characters long.
policyFailure.regex.minLength=&#9642; must be at least {0} characters long.
policyFailure.regex.nonAlnum=&#9642; must contain at least {0} non-alphanumeric characters.
policyFailure.regex.nonAscii=&#9642; cannot contain more than {0} non-ASCII characters.
policyFailure.regex.nonGraph=&#9642; cannot contain more than {0} non-printable characters.
policyFailure.regex.nonLetter=&#9642; must contain at least {0} non-letter characters.
policyFailure.regex.numeric=&#9642; must contain at least {0} numeric characters.
policyFailure.regex.upper=&#9642; must contain at least {0} upper case characters.
policyInfo.dictionary=&#9642; must not be taken from a dictionary.
policyInfo.history.History=&#9642; must be different from previously selected passwords.
policyInfo.regex.control=&#9642; cannot contain more than {0} control characters.
policyInfo.regex.lower=&#9642; must contain at least {0} lower case characters.
policyInfo.regex.maxCharacterRepetitions=&#9642; characters must not occur more than {0} time(s) consecutively.
policyInfo.regex.maxLength=&#9642; must be at most {0} characters long.
policyInfo.regex.minLength=&#9642; must be at least {0} characters long.
policyInfo.regex.nonAlnum=&#9642; must contain at least {0} non-alphanumeric characters.
policyInfo.regex.nonAscii=&#9642; cannot contain more than {0} non-ASCII characters.
policyInfo.regex.nonGraph=&#9642; cannot contain more than {0} non-printable characters.
policyInfo.regex.nonLetter=&#9642; must contain at least {0} non-letter characters.
policyInfo.regex.numeric=&#9642; must contain at least {0} numeric characters.
policyInfo.regex.upper=&#9642; must contain at least {0} upper case characters.
policyInfo.title=The password has to comply with the following password policy:
recovery_accessapp_auth.accessAppRegistered=AGOV access app already registered
recovery_accessapp_auth.instruction1=You have already registered a new AGOV access app !!!ACCESS_APP_NAME!!! as part of the recovery process.
recovery_accessapp_auth.instruction2=Please use !!!ACCESS_APP_NAME!!! to identify you.
recovery_check_code.codeIncorrect=Code entered is incorrect. Please try again.
recovery_check_code.enterRecoveryCode=Enter recovery code
recovery_check_code.instruction=Please enter below your personal 12-digit recovery code. You will have received the recovery code as a PDF file during registration or in AGOV me.
recovery_check_code.invalid.code=The code is invalid
recovery_check_code.invalid.code.required=Code required
recovery_check_code.invalid.code.tooLong=The code is too long
recovery_check_code.noAccess=I do not have access to my code
recovery_check_code.noCodeAccess=Are you sure you don't have access to your recovery code?
recovery_check_code.noCodeAccessInstructions=If you have lost access to your recovery code please go to AGOV help in order to contact a AGOV support agent. They will be able to help you with the recovery process.
recovery_check_noCode.banner.error=Too many attempts or your recovery code has expired.
recovery_check_noCode.instruction1=The recovery code you have entered might have expired or you might have tried to enter it too many times.
recovery_check_noCode.instruction2=Please go to AGOV help in order to contact a support agent. They will be able to help you with the recovery process.
recovery_code.banner.error=Please reveal your new code to be able to continue.
recovery_code.instruction=Recovery codes help you gain access to your account in case you lost all of your login factors. Please store the recovery code in a safe place.
recovery_code.newRecoveryCode=Introducing Recovery Code
recovery_code.validUntil=Valid until:
recovery_fidokey_auth.button=Start key authentication
recovery_fidokey_auth.fidoInstruction=Click on "Start key authentication"
recovery_fidokey_auth.instruction1=You have already registered a new security key !!!SECURITY_KEY_NAME!!! as part of the recovery process.
recovery_fidokey_auth.instruction2=Please use !!!SECURITY_KEY_NAME!!! to follow the steps below to identify you.
recovery_fidokey_auth.keyRegistered=Security key already registered
recovery_intro_email.banner.error=The link you used has expired. Please enter your email address to receive a new link.
recovery_intro_email.banner.info=Please enter your email address, so we can send you a link to start the recovery process.
recovery_intro_email.important=Important:
recovery_intro_email.process=The recovery process should only be used if you have lost access to your login factors (deleted AGOV access app, lost security key, lost phone, etc.).
recovery_intro_email_sent.banner.button=Didn't receive the email?
recovery_intro_email_sent.banner.success=Thank you! You will receive an email with a recovery link and instructions shortly.
recovery_on_going.finishRecovery=Finish recovery
recovery_on_going.instruction=You have an ongoing recovery process. Part of the recovery process can include an identity verification. To access applications with your AGOV-Login you need to finish the identity verification as well.
recovery_on_going.title=Please finish your recovery process.
recovery_questionnaire_instructions.banner.info=Please note that in certain cases you need access to your recovery code for a successful recovery.
recovery_questionnaire_instructions.explanation=Based on your answers an AGOV-Login recovery seems to be necessary. Please click on continue and follow the instructions on the screen.
recovery_questionnaire_instructions.instruction1=Provide your account email address so we can send you a link to begin the recovery process
recovery_questionnaire_instructions.instruction2=Follow steps to recover your account (steps will vary depending on your account verification level)
recovery_questionnaire_loginfactor.banner.error=Please select an answer.
recovery_questionnaire_loginfactor.no=No
recovery_questionnaire_loginfactor.question=Have you registered more than one login factor (AGOV access app or security key) to your account?
recovery_questionnaire_loginfactor.yes=Yes
recovery_questionnaire_no_recovery.explanation1=Based on your answers, the AGOV recovery option does not seem necessary right now.
recovery_questionnaire_no_recovery.explanation2=Should you need further information, please visit <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> for support articles.
recovery_questionnaire_no_recovery.instruction1=If you have issues logging in to an application, please visit <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> and test if you can log in successfully.
recovery_questionnaire_no_recovery.instruction2=If you have several login factors registered but lost access to one of them, please visit <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> to remove the one you have lost access to.
recovery_questionnaire_reason_selection.answer1=I have trouble logging in, even though I have my app / security key
recovery_questionnaire_reason_selection.answer10=I lost one of my login factors (AGOV access app or security key)
recovery_questionnaire_reason_selection.answer2=I was unable to finish my registration
recovery_questionnaire_reason_selection.answer3=I have deleted or reset my AGOV access app
recovery_questionnaire_reason_selection.answer4=I have lost my phone / security key
recovery_questionnaire_reason_selection.answer5=I have a new phone and forgot to transfer my AGOV access app
recovery_questionnaire_reason_selection.answer6=I forgot my PIN for the AGOV access app
recovery_questionnaire_reason_selection.answer7=I have my security keys or apps but had trouble logging in
recovery_questionnaire_reason_selection.answer8=I lost access to all my security keys and AGOV access apps
recovery_questionnaire_reason_selection.answer9=I have issues with one of my login factors (deleted, reset, forgotten PIN)
recovery_questionnaire_reason_selection.banner.error=Please select a reason.
recovery_questionnaire_reason_selection.instruction=Please select the reason you are starting the recovery process:
recovery_start_info.banner.warning=You will not be able to use your account until the recovery process has been concluded.
recovery_start_info.instruction=During the recovery process you will register a new login factor. If your account contains any verified information you might also have to go through a verification process to finish the recovery.
recovery_start_info.title=You are about to start the recovery process
reject.button.label=Deny
submit.button.label=Submit
tan.sent=Please enter the security code which has been sent to your mobile phone.
title.login=Login
title.logout=Logout
title.logout.confirmation=Logout
title.logout.reminder=Logout
title.oauth.consent=Client Authorization
title.saml.failed=Error
title.timeout.page=Logout
user_input.invalid.email=Please enter a valid email address
user_input.invalid.email.required=Field required
user_input.invalid.email.tooLong=Input is too long


@ -0,0 +1,252 @@
accept.button.label=Accepter
cancel.button.label=Abandonner
continue.button.label=Continuer
darkModeSwitch.aria.label=Activer l'apparence sombre
deputy.profile.label=(Profil du suppl&eacute;ant)
error.saml.failed=Fermez votre navigateur et r;eacute;essayez.
error_1=Veuillez v&eacute;rifier votre saisie.
error_10=Veuillez s&eacute;lectionner le compte d&rsquo;utilisateur correct.
error_100=Le t&eacute;l&eacute;chargement du certificat est impossible. Le certificat existe d&eacute;j&agrave;. Veuillez contacter votre service d&rsquo;assistance.
error_101=L&rsquo;adresse e-mail saisie n&rsquo;est pas valable.
error_11=Veuillez utiliser un autre certificat ou vous connecter au moyen d&rsquo;un autre type de facteur d&rsquo;authentification.
error_2=Veuillez s&eacute;lectionner un autre nom d&rsquo;utilisateur.
error_3=Votre compte sera bloqu&eacute; si la prochaine tentative d&rsquo;authentification &eacute;choue.
error_4=Votre nouveau mot de passe n&rsquo;est pas conforme &agrave; la politique de s&eacute;curit&eacute;. Veuillez choisir un autre mot de passe.
error_5=Erreur de confirmation du mot de passe
error_50=Le nouveau mot de passe est trop court.
error_55=Le nouveau mot de passe doit &ecirc;tre diff&eacute;rent des pr&eacute;c&eacute;dents.
error_6=Changement de mot de passe requis.
error_7=Changement d&rsquo;identifiant de connexion requis.
error_8=Votre compte a &eacute;t&eacute; bloqu&eacute; en raison de plusieurs &eacute;checs d&rsquo;authentification.
error_81=Aucune carte d&rsquo;acc&egrave;s n&rsquo;a &eacute;t&eacute; trouv&eacute;e, l&rsquo;acc&egrave;s depuis Internet est refus&eacute;.
error_83=Votre carte d&rsquo;acc&egrave;s n&rsquo;est plus valable. Veuillez contacter votre conseiller pour obtenir une nouvelle carte d&rsquo;acc&egrave;s.
error_9=La reprise de session a &eacute;chou&eacute;.
error_97=Vous n&rsquo;&ecirc;tes pas autoris&eacute; &agrave; acc&eacute;der &agrave; cette ressource.
error_98=Votre compte a &eacute;t&eacute; bloqu&eacute;.
error_99=Probl&egrave;mes de syst&egrave;me. Veuillez r&eacute;essayer plus tard.
error_9901=Vous devez disposer d&rsquo;un lien d&rsquo;enregistrement valable pour acc&eacute;der &agrave; cette page.
error_9902=L&rsquo;adresse e-mail utilis&eacute;e pour l&rsquo;authentification ne correspond pas &agrave; celle qui est renseign&eacute;e dans AGOV operations. Veuillez demander un nouveau lien d&rsquo;enregistrement.
error_9903=Le fournisseur d&rsquo;identit&eacute; utilis&eacute; ne nous a pas envoy&eacute; d&rsquo;assertion valide. Assurez-vous d&rsquo;utiliser le bon fournisseur d&rsquo;identit&eacute;. Demandez un nouveau lien d&rsquo;enregistrement au service d&rsquo;assistance.
error_9904=Le lien que vous avez suivi n&rsquo;est plus valable. Veuillez vous assurer que vous utilisez le dernier lien que vous avez re&ccedil;u d&rsquo;AGOV operations. Demandez un nouveau lien si le probl&egrave;me persiste.
error_9905=Il y a un probl&egrave;me avec votre compte AGOV operations. Veuillez contacter le service d&rsquo;assistance.
error_9909=Un probl&egrave;me interne s&rsquo;est produit. Veuillez demander un nouveau lien d&rsquo;enregistrement au service d&rsquo;assistance.
errors.duplicateValue=Votre compte est d&eacute;j&agrave; li&eacute; &agrave; un autre acc&egrave;s &agrave; AGOV operations.
fido2_auth.cancel.fido=L'authentification avec la cl&eacute; de s&eacute;curit&eacute; a &eacute;t&eacute; interrompue. Veuillez vous assurer que votre cl&eacute; FIDO est enregistr&eacute;e et que votre adresse e-mail est correcte, puis suivez les &eacute;tapes ci-dessous.
fido2_auth.instruction1=Cliquez sur "Continuer"
fido2_auth.instruction2=Une fen&ecirc;tre d'authentification s'affichera
fido2_auth.instruction3=Suivez les instructions
fido2_auth.skipInstructions=Passer les instructions la fois suivante
fido2_auth.switchLogin=S'AUTHENTIFIER AVEC
footer.link=https://agov.ch/?c=contact&l=fr
footer.link.label=Contact
footer.text=Service d'authentification des autorit&eacute;s suisses AGOV - une collaboration entre les cantons, leurs communes et l'administration f&eacute;d&eacute;rale. -
general.AGOVAccessApp=Application AGOV access
general.accessApp=Application AGOV access
general.authenticate=Authentification
general.back=Retour
general.cancel=Annuler
general.confirm=Confirmer
general.contactSupport=Contacter le service d'assistance
general.continue=Continuer
general.edit=Editer
general.email=E-mail
general.email.address=Adresse e-mail
general.entryCode=Entrer le code
general.getStarted=D&eacute;marrer
general.goAGOVHelp=Rendez-vous sur AGOV help
general.goAccessApp=Login avec AGOV access
general.help=Aide
general.help.link=https://agov.ch/help
general.login=Login
general.loginSecurityKey=D&eacute;marrer la connexion avec la cl&eacute; de s&eacute;curit&eacute;
general.or=OU
general.otherOptions=AUTRES OPTIONS
general.recovery=R&eacute;cup&eacute;ration
general.recoveryOngoing=R&eacute;cup&eacute;ration en cours
general.register=Cr&eacute;er un compte
general.registerNow=Enregistrez-vous d&egrave;s maintenant!
general.registration=Enregistrement
general.securityKey=Cl&eacute; de s&eacute;curit&eacute;
general.skip.content=Passer au contenu principal
generic.auth.error.message=Une interruption de service s&rsquo;est produite. Nous nous employons &agrave; r&eacute;soudre le probl&egrave;me.
generic.auth.error.next.steps=Veuillez r&eacute;essayer plus tard. Veuillez vous rendre sur AGOV help si le probl&egrave;me persiste.
generic.auth.error.subtitle=Un probl&egrave;me s&rsquo;est produit
generic.auth.error.title=Erreur
info.logout.confirmation=Veuillez confirmer que vous souhaitez vous d&eacute;connecter.
info.logout.reminder=Votre session sur cette application a expir&eacute;e. Essayez encore avec un login.
info.oauth.consent=Voulez-vous autoriser l&#39;application?
info.timeout.page=Votre session sur cette application a expir&eacute;e. Essayez encore avec un login.
language.de=Deutsch
language.en=English
language.fr=Fran&ccedil;ais
language.it=Italiano
languageDropdown.aria.label=S&eacute;lectionner la langue
loainfo.description.200=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es. Ce processus peut prendre jusqu'&agrave; 2 ou 3 jours.
loainfo.description.300=Pour acc&eacute;der &agrave; l'application, nous devons v&eacute;rifier vos donn&eacute;es par le biais de l'une des deux proc&eacute;dures suivantes. Vous pouvez choisir la proc&eacute;dure que vous pr&eacute;f&eacute;rez &agrave; l'&eacute;tape suivante.
loainfo.description.400=Pour acc&eacute;der &agrave; l'application, vous devez ajouter votre num&eacute;ro AVS.
loainfo.helper=Vos donn&eacute;es doivent &ecirc;tre v&eacute;rifi&eacute;es!
loainfo.later=Plus tard
loainfo.startNow=Voulez-vous commencer le processus maintenant?
loainfo.startVerification=D&eacute;marrer la v&eacute;rification
loainfo.title=V&eacute;rifiez vos donn&eacute;es
login.button.label=Login
logout.label=Logout
logout.text=Au revoir
mauth_usernameless.EID=Continuer avec l'e-ID suisse
mauth_usernameless.banner.error=Authentification interrompue.<br>Veuillez r&eacute;essayer lorsque la page sera recharg&eacute;e.
mauth_usernameless.banner.info=Scan r&eacute;ussi!<br> Veuillez continuer dans l'application AGOV access.
mauth_usernameless.banner.success=Authentification r&eacute;ussie!<br>Veuillez attendre d'&ecirc;tre connect&eacute;.
mauth_usernameless.cannotLogin=Avez-vous perdu l'acc&egrave;s &agrave; votre application / votre cl&eacute; de s&eacute;curit&eacute; ?
mauth_usernameless.hideQR=Cacher le code QR
mauth_usernameless.instructions=Connectez-vous en scannant le code QR avec l'application AGOV access
mauth_usernameless.noAccount=Vous n'avez pas encore d'AGOV-Login ?
mauth_usernameless.showQR=Afficher le code QR
mauth_usernameless.startRecovery=Commencer la r&eacute;cup&eacute;ration du compte
mauth_usernameless.useSecurityKey=Utiliser une cl&eacute; de s&eacute;curit&eacute; pour se connecter
mauth_usernameless.useSecurityKeyInfo=Une cl&eacute; de s&eacute;curit&eacute; physique offre un moyen s&ucirc;r de se connecter sans devoir utiliser son t&eacute;l&eacute;phone.
method.certificate.label=Certificat
method.fido.label=Mobile Authentication
method.fido2.label=FIDO 2
method.mtan.label=Code mTAN
method.oath.label=Application d'authentification OATH
method.otp.label=OTP (One-Time Password)
method.recovery.label=Codes de r&eacute;cup&eacute;ration
method.safeword.label=SafeWord
method.securid.label=SecurID
method.ticket.label=Ticket
op-admin.login=Administration de l&rsquo;acc&egrave;s &agrave; AGOV op
op-admin.login.intro.message=Connectez-vous avec votre nom d&rsquo;utilisateur et votre mot de passe
op-admin.login.loginid=Identifiant de connexion
op-admin.login.password=Mot de passe
op-admin.login.title=Connexion
op-admin.logout=Administration de l&rsquo;acc&egrave;s &agrave; AGOV op
op-admin.logout.message=Vous vous &ecirc;tes d&eacute;connect&eacute; avec succ&egrave;s.
op-admin.logout.title=D&eacute;connexion
op-admin.pwchange.intro.message=Changement de mot de passe requis
op-admin.pwchange.newpassword=Nouveau mot de passe
op-admin.pwchange.newpassword2=R&eacute;p&eacute;ter le nouveau mot de passe
op-admin.pwchange.password=Mot de passe actuel
op-admin.pwchange.title=Changer de mot de passe
op-idmlogin.role.accs-mgmt-idm=Gestion des droits d'acc&egrave;s IDM
op-idmlogin.role.accs-mgmt-nonidm=Gestion des droits d'acc&egrave;s
op-idmlogin.role.idmcfg-mgmt=Mise en place de l'IDM
op-idmlogin.role.readonly-access=Acc&egrave;s par d&eacute;faut (lecture seule)
op-idmlogin.role.support-basic=Cas de support (r&eacute;cup&eacute;ration, ...)
op-idmlogin.role.support-priv=Support de 3&egrave;me niveau (archivage, d&eacute;sinscription)
op-idmlogin.role.usr-mgmt=Gestion des utilisateurs (op&eacute;rations)
op-idmlogin.role.usr-unit-mgmt=Gestion des utilisateurs et des organisations (op&eacute;rations)
op-idmlogin.select=AGOV idm
op-idmlogin.select.intro=Veuillez s&eacute;lectionner l&rsquo;un des profils ci-dessous...
op-idmlogin.select.note=Les profils marqu&eacute;s d'un * ne doivent &ecirc;tre utilis&eacute;s que s'ils sont n&eacute;cessaires pour des t&acirc;ches sp&eacute;cifiques de support ou de mise en production.
op-idmlogin.select.title=S&eacute;l&eacute;ction du profil
op-onboarding.done.message=L&rsquo;enregistrement a &eacute;t&eacute; effectu&eacute; avec succ&egrave;s. Vous disposez maintenant d&rsquo;un acc&egrave;s &agrave; AGOV operations. Veuillez fermer le navigateur avant d&rsquo;acc&eacute;der &agrave; AGOV operations.
op-onboarding.done.title=TERMIN&Eacute;
op-onboarding.failed.title=ERREUR
op-onboarding.intro.message1=Pour terminer l&rsquo;enregistrement de votre acc&egrave;s &agrave; AGOV operations, vous devez disposer d&rsquo;un compte AGOV ou d&rsquo;un compte FED-LOGIN.
op-onboarding.intro.message2=Apr&egrave;s avoir cliqu&eacute; sur "Continuer", vous serez redirig&eacute; vers l&rsquo;authentification.
op-onboarding.intro.message3=Si vous utilisez AGOV et que votre compte n&rsquo;a pas encore atteint le niveau de qualit&eacute; d&rsquo;authentification requis, vous aurez la possibilit&eacute; de d&eacute;marrer la v&eacute;rification d&rsquo;identit&eacute; n&eacute;cessaire pour l&rsquo;atteindre.
op-onboarding.intro.title=D&Eacute;MARRER
op-onboarding.onboarding=Enregistrement de l&rsquo;acc&egrave;s &agrave; AGOV op
op-onboarding.process.message=Un probl&egrave;me s&rsquo;est produit. Veuillez contacter le service d&rsquo;assistance AGOV afin de demander un nouveau lien d&rsquo;enregistrement.
outarg.lastLogin.never=Jamais
policyFailure.dictionary=&#9642; ne peut pas &ecirc;tre pris d&#39;un dictionnaire.
policyFailure.history.History=&#9642; doit &ecirc;tre diff&eacute;rent des mots de passe pr&eacute;alablement s&eacute;lectionn&eacute;s.
policyFailure.regex.control=&#9642; ne peut contenir plus de {0} caract&egrave;res de commande.
policyFailure.regex.lower=&#9642; doit contenir au moins {0} caract&egrave;re(s) minuscule(s).
policyFailure.regex.maxCharacterRepetitions=&#9642; ne peut contenir une s&eacute;quence de plus de {0} du m&ecirc;me caract&egrave;re.
policyFailure.regex.maxLength=La longueur doit &ecirc;tre d&#39;au plus {0}.
policyFailure.regex.minLength=La longueur doit &ecirc;tre d&#39;au moins {0}.
policyFailure.regex.nonAlnum=&#9642; doit contenir au moins {0} caract&egrave;res non alphanum&eacute;riques.
policyFailure.regex.nonAscii=&#9642; ne peut contenir plus de {0} caract&egrave;res non ASCII ({1}).
policyFailure.regex.nonGraph=&#9642; ne peut contenir plus de {0} caract&egrave;res non imprimables ({1}).
policyFailure.regex.nonLetter=&#9642; doit contenir au moins {0} caract&egrave;res qui ne sont pas des lettres.
policyFailure.regex.numeric=&#9642; doit comprendre {0} caract&#232;res num&#233;riques.
policyFailure.regex.upper=&#9642; doit contenir au moins {0} caract&egrave;re(s) majuscule(s).
policyInfo.dictionary=&#9642; ne peut pas &ecirc;tre pris d&#39;un dictionnaire.
policyInfo.history.History=&#9642; ne peut pas &ecirc;tre l&#39; pr&eacute;c&eacute;demment choisis.
policyInfo.regex.control=&#9642; ne peut contenir plus de {0} caract&egrave;res de commande.
policyInfo.regex.lower=&#9642; doit contenir au moins {0} caract&egrave;re(s) minuscule(s).
policyInfo.regex.maxCharacterRepetitions=&#9642; ne peut contenir une s&eacute;quence de plus de {0} du m&ecirc;me caract&egrave;re.
policyInfo.regex.maxLength=&#9642; la longueur doit &ecirc;tre d&#39;au plus {0}.
policyInfo.regex.minLength=&#9642; la longueur doit &ecirc;tre d&#39;au moins {0}.
policyInfo.regex.nonAlnum=&#9642; doit contenir au moins {0} caract&egrave;res non alphanum&eacute;riques.
policyInfo.regex.nonAscii=&#9642; ne peut contenir plus de {0} caract&egrave;res non ASCII.
policyInfo.regex.nonGraph=&#9642; ne peut contenir plus de {0} caract&egrave;res non imprimables.
policyInfo.regex.nonLetter=&#9642; doit contenir au moins {0} caract&egrave;res qui ne sont pas des lettres.
policyInfo.regex.numeric=&#9642; doit comprendre au minimum {0} caract&#232;res num&#233;riques.
policyInfo.regex.upper=&#9642; doit contenir au moins {0} caract&egrave;re(s) majuscule(s).
policyInfo.title=Le mot de passe doit respecter les r&egrave;gles suivantes:
recovery_accessapp_auth.accessAppRegistered=L'application AGOV access est d&eacute;j&agrave; enregistr&eacute;e
recovery_accessapp_auth.instruction1=Vous avez d&eacute;j&agrave; enregistr&eacute; une nouvelle AGOV access app !!!ACCESS_APP_NAME!!! dans le cadre du processus de r&eacute;cup&eacute;ration.
recovery_accessapp_auth.instruction2=Veuillez utiliser !!!ACCESS_APP_NAME!!! pour vous identifier.
recovery_check_code.codeIncorrect=Le code saisi est incorrect. Veuillez r&eacute;essayer.
recovery_check_code.enterRecoveryCode=Saisir le code de r&eacute;cup&eacute;ration
recovery_check_code.instruction=Veuillez saisir votre code de r&eacute;cup&eacute;ration &agrave; douze chiffres. Lors de votre inscription, vous avez re&ccedil;u le code de r&eacute;cup&eacute;ration sous la forme d&rsquo;un fichier PDF ou dans AGOV me.
recovery_check_code.invalid.code=Le code est invalide
recovery_check_code.invalid.code.required=Code requis
recovery_check_code.invalid.code.tooLong=Le code est trop long
recovery_check_code.noAccess=Je n&rsquo;ai pas acc&egrave;s &agrave; mon code de r&eacute;cup&eacute;ration
recovery_check_code.noCodeAccess=&Ecirc;tes-vous s&ucirc;r de ne pas avoir acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration ?
recovery_check_code.noCodeAccessInstructions=En cas de perte de votre code de r&eacute;cup&eacute;ration, veuillez vous rendre sur AGOV help et contacter le service d&rsquo;assistance AGOV. Un agent pourra vous aider dans le processus de r&eacute;cup&eacute;ration.
recovery_check_noCode.banner.error=Trop de tentatives ou expiration de votre code de r&eacute;cup&eacute;ration.
recovery_check_noCode.instruction1=Le code de r&eacute;cup&eacute;ration que vous avez saisi a peut-&ecirc;tre expir&eacute; ou vous avez peut-&ecirc;tre essay&eacute; de le saisir trop de fois.
recovery_check_noCode.instruction2=Veuillez vous rendre sur AGOV help et contacter le service d&rsquo;assistance. Un agent pourra vous aider dans le processus de r&eacute;cup&eacute;ration.
recovery_code.banner.error=Veuillez indiquer votre nouveau code pour pouvoir continuer.
recovery_code.instruction=Les codes de r&eacute;cup&eacute;ration vous permettent d'acc&eacute;der &agrave; votre compte au cas o&ugrave; vous auriez perdu tous vos identifiants. Conservez le code de r&eacute;cup&eacute;ration en lieu s&ucirc;r.
recovery_code.newRecoveryCode=Introduction du code de r&eacute;cup&eacute;ration
recovery_code.validUntil=Valable jusqu'au:
recovery_fidokey_auth.button=D&eacute;marrer l'authentification par cl&eacute; de s&eacute;curit&eacute;
recovery_fidokey_auth.fidoInstruction=Cliquez sur "D&eacute;marrer l'enregistrement de la cl&eacute;"
recovery_fidokey_auth.instruction1=Vous avez d&eacute;j&agrave; enregistr&eacute; une nouvelle cl&eacute; de s&eacute;curit&eacute; !!!SECURITY_KEY_NAME!!! dans le cadre du processus de r&eacute;cup&eacute;ration.
recovery_fidokey_auth.instruction2=Veuillez utiliser !!!SECURITY_KEY_NAME!!! pour suivre les &eacute;tapes ci-dessous afin de vous identifier.
recovery_fidokey_auth.keyRegistered=Cl&eacute; de s&eacute;curit&eacute; d&eacute;j&agrave; enregistr&eacute;e
recovery_intro_email.banner.error=Le lien que vous avez utilis&eacute; a expir&eacute;. Veuillez saisir votre adresse e-mail pour recevoir un nouveau lien.
recovery_intro_email.banner.info=Veuillez saisir votre adresse e-mail. Nous vous enverrons un e-mail vous permettant de d&eacute;marrer le processus de r&eacute;cup&eacute;ration.
recovery_intro_email.important=Important:
recovery_intro_email.process=Le processus de r&eacute;cup&eacute;ration ne doit &ecirc;tre utilis&eacute; que si vous avez perdu l'acc&egrave;s &agrave; vos facteurs de connexion (application AGOV access supprim&eacute;e, cl&eacute; de s&eacute;curit&eacute; perdue, t&eacute;l&eacute;phone perdu, etc.).
recovery_intro_email_sent.banner.button=Vous n&rsquo;avez pas re&ccedil;u l'email?
recovery_intro_email_sent.banner.success=Merci! Vous recevrez dans un instant un e-mail contenant un lien de r&eacute;cup&eacute;ration et des instructions.
recovery_on_going.finishRecovery=Terminer la r&eacute;cup&eacute;ration
recovery_on_going.instruction=Vous n&rsquo;avez pas encore termin&eacute; le processus de r&eacute;cup&eacute;ration. Dans le cadre du processus de r&eacute;cup&eacute;ration, votre identit&eacute; peut faire l&rsquo;objet d&rsquo;une v&eacute;rification. Pour acc&eacute;der &agrave; des applications au moyen de votre identifiant AGOV, vous devez terminer la v&eacute;rification d&rsquo;identit&eacute;.
recovery_on_going.title=Veuillez terminer le processus de r&eacute;cup&eacute;ration.
recovery_questionnaire_instructions.banner.info=Veuillez noter que dans certains cas, vous devez avoir acc&egrave;s &agrave; votre code de r&eacute;cup&eacute;ration pour que la r&eacute;cup&eacute;ration soit r&eacute;ussie.
recovery_questionnaire_instructions.explanation=D'apr&egrave;s vos r&eacute;ponses, une r&eacute;cup&eacute;ration de l'identifiant AGOV-Login semble n&eacute;cessaire. Veuillez cliquer sur continuer et suivre les instructions &agrave; l'&eacute;cran.
recovery_questionnaire_instructions.instruction1=Fournissez l'adresse &eacute;lectronique de votre compte afin que nous puissions vous envoyer un lien pour commencer le processus de r&eacute;cup&eacute;ration
recovery_questionnaire_instructions.instruction2=Suivez les &eacute;tapes pour r&eacute;cup&eacute;rer votre compte (les &eacute;tapes varient en fonction du niveau de v&eacute;rification de votre compte)
recovery_questionnaire_loginfactor.banner.error=Veuillez choisir une r&eacute;ponse.
recovery_questionnaire_loginfactor.no=Non
recovery_questionnaire_loginfactor.question=Avez-vous enregistr&eacute; plus d'un facteur d'authentification (application AGOV access ou cl&eacute; de s&eacute;curit&eacute;) sur votre compte ?
recovery_questionnaire_loginfactor.yes=Oui
recovery_questionnaire_no_recovery.explanation1=D'apr&egrave;s vos r&eacute;ponses, l'option de r&eacute;cup&eacute;ration d'AGOV ne semble pas n&eacute;cessaire pour l'instant.
recovery_questionnaire_no_recovery.explanation2=Si vous avez besoin de plus amples informations, veuillez consulter <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> pour obtenir des articles de soutien.
recovery_questionnaire_no_recovery.instruction1=Si vous rencontrez des difficult&eacute;s pour vous connecter &agrave; une application, visitez <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> et v&eacute;rifiez si vous pouvez vous connecter avec succ&egrave;s.
recovery_questionnaire_no_recovery.instruction2=Si vous avez enregistr&eacute; plusieurs facteurs de connexion mais que vous avez perdu l'acc&egrave;s &agrave; l'un d'entre eux, veuillez consulter <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> pour supprimer celui auquel vous avez perdu l'acc&egrave;s.
recovery_questionnaire_reason_selection.answer1=Je n'arrive pas &agrave; me connecter, m&ecirc;me si j'ai mon application / ma cl&eacute; de s&eacute;curit&eacute;
recovery_questionnaire_reason_selection.answer10=J'ai perdu l'un de mes facteurs d'authentification (application AGOV access ou cl&eacute; de s&eacute;curit&eacute;)
recovery_questionnaire_reason_selection.answer2=Je n'ai pas pu terminer mon inscription
recovery_questionnaire_reason_selection.answer3=J'ai supprim&eacute; ou r&eacute;initialis&eacute; mon application AGOV access
recovery_questionnaire_reason_selection.answer4=J'ai perdu mon t&eacute;l&eacute;phone / cl&eacute; de s&eacute;curit&eacute;
recovery_questionnaire_reason_selection.answer5=J'ai un nouveau t&eacute;l&eacute;phone et j'ai oubli&eacute; de transf&eacute;rer mon application AGOV access
recovery_questionnaire_reason_selection.answer6=J'ai oubli&eacute; mon PIN pour l'application AGOV access
recovery_questionnaire_reason_selection.answer7=J'ai mes cl&eacute;s de s&eacute;curit&eacute; ou mes applications, mais j'ai du mal &agrave; me connecter
recovery_questionnaire_reason_selection.answer8=J'ai perdu l'acc&egrave;s &agrave; toutes mes cl&eacute;s de s&eacute;curit&eacute; et aux applications AGOV access
recovery_questionnaire_reason_selection.answer9=J'ai des probl&egrave;mes avec l'un de mes facteurs d'authentification (effac&eacute;, r&eacute;initialis&eacute;, PIN oubli&eacute;)
recovery_questionnaire_reason_selection.banner.error=Veuillez s&eacute;lectionner un motif.
recovery_questionnaire_reason_selection.instruction=Veuillez s&eacute;lectionner la raison pour laquelle vous entamez le processus de r&eacute;cup&eacute;ration :
recovery_start_info.banner.warning=Vous ne pourrez pas utiliser votre compte tant que le processus de r&eacute;cup&eacute;ration n'aura pas &eacute;t&eacute; termin&eacute;.
recovery_start_info.instruction=Le processus de r&eacute;cup&eacute;ration n&eacute;cessitera l&rsquo;enregistrement d&rsquo;un nouveau facteur d&rsquo;authentification. Si votre compte contient des informations ayant d&eacute;j&agrave; &eacute;t&eacute; v&eacute;rifi&eacute;es, il se peut que vous deviez les faire v&eacute;rifier &agrave; nouveau pour terminer la r&eacute;cup&eacute;ration.
recovery_start_info.title=Vous &ecirc;tes sur le point de d&eacute;marrer le processus de r&eacute;cup&eacute;ration.
reject.button.label=Refuser
submit.button.label=Envoyer
tan.sent=Veuillez saisir le code de s&eacute;curit&eacute; que vous avez re&ccedil;u au votre t&eacute;l&eacute;phone mobile.
title.login=Login
title.logout=Logout
title.logout.confirmation=Logout
title.logout.reminder=Logout
title.oauth.consent=Autorisation du client
title.saml.failed=Error
title.timeout.page=Logout
user_input.invalid.email=Veuillez saisir un e-mail valable.
user_input.invalid.email.required=Champ requis
user_input.invalid.email.tooLong=La saisie est trop longue
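Review bot: `error.saml.failed` carries a malformed entity, `r;eacute;essayez`, which will be shown to the user literally; the line should read `error.saml.failed=Fermez votre navigateur et r&eacute;essayez.`. `policyInfo.history.History` is also truncated mid-sentence (`ne peut pas &ecirc;tre l&#39; pr&eacute;c&eacute;demment choisis`) and probably wants the wording of `policyFailure.history.History`, and `policyFailure.regex.maxLength` / `policyFailure.regex.minLength` lack the `&#9642;` bullet the other policy lines have. Because these values contain raw `<a>` and `<br>` markup, they appear to be rendered as HTML, so the `!!!ACCESS_APP_NAME!!!` and `!!!SECURITY_KEY_NAME!!!` substitutions in the `recovery_accessapp_auth.*` and `recovery_fidokey_auth.*` entries should be HTML-escaped where they are filled in, assuming those names are user-chosen; the substitution code is not visible on this page. The English file above uses the same placeholders, so the same check applies there. The `target='_blank'` links in `recovery_questionnaire_no_recovery.*` would be safer with `rel='noopener noreferrer'` added.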


@ -0,0 +1,252 @@
accept.button.label=Accettare
cancel.button.label=Abortire
continue.button.label=Continua
darkModeSwitch.aria.label=Attivare la modalit&agrave; scura
deputy.profile.label=(profilo del delegato)
error.saml.failed=Chiudi il browser e riprova.
error_1=Verificare i dati inseriti.
error_10=Scegliere l&rsquo;account utente corretto.
error_100=Impossibile caricare il certificato. Il certificato esiste gi&agrave;. Contattare l&rsquo;help desk.
error_101=L&rsquo;e-mail inserita non &egrave; valida.
error_11=Utilizzare un altro certificato o accedere con altre credenziali.
error_2=Selezionare un altro nome di accesso.
error_3=Se la prossima autenticazione fallisce, l&rsquo;account sar&agrave; bloccato.
error_4=La nuova password non rispetta le norme di sicurezza. Scegliere un&rsquo;altra password.
error_5=Errore nella conferma della password.
error_50=La nuova password &egrave; troppo corta.
error_55=La nuova password deve differire da quelle precedenti.
error_6=&Egrave; richiesta la modifica della password.
error_7=&Egrave; richiesta la modifica dell&rsquo;ID di accesso.
error_8=A causa dei ripetuti tentativi di autenticazione falliti, l&rsquo;account &egrave; stato bloccato.
error_81=Non &egrave; stata trovata alcuna carta di accesso; l&rsquo;accesso da Internet &egrave; negato.
error_83=La carta di accesso non &egrave; pi&ugrave; valida. Per richiedere una nuova carta di accesso, contattare il responsabile.
error_9=Takeover di sessione fallito.
error_97=Accesso non autorizzato a questa risorsa.
error_98=L&rsquo;account &egrave; stato bloccato.
error_99=Ci sono problemi di sistema. Riprovare pi&ugrave; tardi.
error_9901=Per accedere a questa pagina, &egrave; necessario un link di registrazione valido.
error_9902=L&rsquo;e-mail utilizzata per l&rsquo;autenticazione non corrisponde a quella di AGOV operations. Richiedere un nuovo link di registrazione.
error_9903=L&rsquo;IdP utilizzato non ha inviato un&rsquo;asserzione valida. Assicurarsi di utilizzare l&rsquo;IdP corretto. Richiedere al supporto un nuovo link di registrazione.
error_9904=Il link non &egrave; pi&ugrave; valido. Assicurarsi di utilizzare il link pi&ugrave; recente ricevuto in AGOV operations. Se il problema persiste, richiedere un nuovo link.
error_9905=Si &egrave; verificato un problema con l&rsquo;account AGOV operations. Contattare il supporto.
error_9909=Si &egrave; verificato un errore interno. Richiedere al supporto un nuovo link di registrazione.
errors.duplicateValue=Il suo account &egrave; gi&agrave; collegato ad un altro accesso operativo.
fido2_auth.cancel.fido=L'autenticazione con la chiave di sicurezza &egrave; stata interrotta. Assicurarsi che la chiave FIDO sia registrata e che l'indirizzo e-mail sia corretto, poi seguire le istruzioni.
fido2_auth.instruction1=Cliccare su "Continua"
fido2_auth.instruction2=A breve si aprir&agrave; una finestra per l'autenticazione.
fido2_auth.instruction3=Seguire le istruzioni.
fido2_auth.skipInstructions=Non mostrare pi&ugrave; le istruzioni
fido2_auth.switchLogin=ACCEDERE CON
footer.link=https://agov.ch/?c=contact&l=it
footer.link.label=Contatto
footer.text=Servizio di autenticazione delle autorit&agrave; Svizzere AGOV - una collaborazione tra Cantoni, Comuni e l'Amministrazione federale. -
general.AGOVAccessApp=App AGOV access
general.accessApp=App AGOV access
general.authenticate=Autentifica
general.back=Indietro
general.cancel=Annullare
general.confirm=Confermare
general.contactSupport=Contattare il supporto
general.continue=Continuare
general.edit=Modificare
general.email=e-mail
general.email.address=Indirizzo e-mail
general.entryCode=Codice
general.getStarted=Iniziare
general.goAGOVHelp=Vai ad AGOV help
general.goAccessApp=Login con AGOV access
general.help=Aiuto
general.help.link=https://agov.ch/help
general.login=Accedere
general.loginSecurityKey=Iniziare il login con la chiave di sicurezza
general.or=O
general.otherOptions=ALTRE OPZIONI
general.recovery=Ripristino
general.recoveryOngoing=Ripristino in corso
general.register=Registrarsi
general.registerNow=Si registri ora!
general.registration=Registrazione
general.securityKey=Chiave di sicurezza
general.skip.content=Vai al contenuto principale
generic.auth.error.message=Si &egrave; verificata un&rsquo;interruzione. Stiamo lavorando per ripristinare l&rsquo;esercizio.
generic.auth.error.next.steps=Riprovare pi&ugrave; tardi. Se il problema persiste, consultare AGOV help.
generic.auth.error.subtitle=Qualcosa non ha funzionato.
generic.auth.error.title=Errore
info.logout.confirmation=Si prega di confermare che si desidera disconnettersi.
info.logout.reminder=La sessione su questa applicazione &#x26;egrave; scaduta. Prova ancora con un login.
info.oauth.consent=Vuoi consentire all&#39;applicazione?
info.timeout.page=La sessione su questa applicazione &#x26;egrave; scaduta. Prova ancora con un login.
language.de=Deutsch
language.en=English
language.fr=Fran&ccedil;ais
language.it=Italiano
languageDropdown.aria.label=Selezionare la lingua
loainfo.description.200=Per accedere all'app &egrave; necessaria una verifica dei dati. La procedura pu&ograve; richiedere fino a 2&ndash;3 giorni lavorativi.
loainfo.description.300=Per accedere all'app dobbiamo verificare i suoi dati tramite uno dei due processi. Al prossimo passaggio, pu&ograve; selezionare la procedura di verifica desiderata.
loainfo.description.400=Per acceddere all'applicazione deve inserire il numero AVS.
loainfo.helper=I dati devono essere verificati!
loainfo.later=Pi&ugrave; tardi
loainfo.startNow=Iniziare la procedura?
loainfo.startVerification=Iniziare la verifica
loainfo.title=Verificare i dati.
login.button.label=Login
logout.label=Logout
logout.text=&Egrave; uscito con successo.
mauth_usernameless.EID=Continuare con CH e-ID
mauth_usernameless.banner.error=Autenticazione interrotta.<br>Riprovare dopo che la pagina si sar&agrave; ricaricata.
mauth_usernameless.banner.info=La scansione &egrave; stata eseguita.<br>Continuare nell'app AGOV access.
mauth_usernameless.banner.success=Autenticazione riuscita!<br>Aspettare di essere connessi.
mauth_usernameless.cannotLogin=Ha perso l'accesso alla sua app/chiave di sicurezza?
mauth_usernameless.hideQR=Nascondi il codice QR
mauth_usernameless.instructions=Per accedere, scansionare il codice QR con l'app AGOV access.
mauth_usernameless.noAccount=Non ha ancora un AGOV-Login ?
mauth_usernameless.showQR=Visualizza il codice QR
mauth_usernameless.startRecovery=Inizia il recupero dell'account
mauth_usernameless.useSecurityKey=Accedere utilizzando una chiave di sicurezza.
mauth_usernameless.useSecurityKeyInfo=Una chiave di sicurezza fisica permette di accedere in modo sicuro senza utilizzare un telefono.
method.certificate.label=Certificato
method.fido.label=Mobile Authentication
method.fido2.label=FIDO 2
method.mtan.label=Codice mTAN
method.oath.label=App di autenticazione OATH
method.otp.label=OTP (One-Time Password)
method.recovery.label=Codici di ripristino
method.safeword.label=SafeWord
method.securid.label=SecurID
method.ticket.label=Ticket
op-admin.login=AGOV op admin
op-admin.login.intro.message=Accedere con nome utente e password
op-admin.login.loginid=ID di accesso
op-admin.login.password=Password
op-admin.login.title=Accedere
op-admin.logout=AGOV op admin
op-admin.logout.message=La sessione &egrave; terminata.
op-admin.logout.title=Disconnessione
op-admin.pwchange.intro.message=&Egrave; richiesta la modifica della password.
op-admin.pwchange.newpassword=Nuova password
op-admin.pwchange.newpassword2=Ripetere la nuova password
op-admin.pwchange.password=Password attuale
op-admin.pwchange.title=Modificare password
op-idmlogin.role.accs-mgmt-idm=Gestione dei diritti di accesso IDM
op-idmlogin.role.accs-mgmt-nonidm=Gestione dei diritti di accesso
op-idmlogin.role.idmcfg-mgmt=Configurazione dell'IDM
op-idmlogin.role.readonly-access=Accesso predefinito (sola lettura)
op-idmlogin.role.support-basic=Casi di supporto (ripristino, ...)
op-idmlogin.role.support-priv=Supporto di terzo livello (archiviazione, off-boarding)
op-idmlogin.role.usr-mgmt=Gestione utenti (operazioni)
op-idmlogin.role.usr-unit-mgmt=Gestione utenti e organizzazione (operazioni)
op-idmlogin.select=AGOV idm
op-idmlogin.select.intro=Si prega di selezionare uno dei seguenti profili...
op-idmlogin.select.note=I profili contrassegnati con * devono essere utilizzati solo se richiesti per attivit&agrave; di supporto o rilascio specifiche.
op-idmlogin.select.title=Selezione del profilo
op-onboarding.done.message=La registrazione &egrave; riuscita. Ora l&rsquo;accesso AGOV operations &egrave; pronto. Prima di accedere ad AGOV operations, chiudere il browser.
op-onboarding.done.title=FINITO
op-onboarding.failed.title=ERRORE
op-onboarding.intro.message1=Per completare la registrazione per l'accesso AGOV operations, &egrave; necessario avere un account AGOV o FED-LOGIN.
op-onboarding.intro.message2=Dopo aver cliccato su "Continua", si &egrave; reindirizzati al servizio di autenticazione.
op-onboarding.intro.message3=Se utilizza AGOV e l&rsquo;account non soddisfa ancora il livello richiesto AGOVaq, potr&agrave; avviare la verifica dell&rsquo;identit&agrave; richiesta.
op-onboarding.intro.title=INIZIARE
op-onboarding.onboarding=Registrazione AGOV op
op-onboarding.process.message=Qualcosa non ha funzionato. Contattare il supporto AGOV e, se necessario, richiedere un nuovo link di registrazione.
outarg.lastLogin.never=Mai
policyFailure.dictionary=&#9642; non pu&ograve; essere presa da un dizionario.
policyFailure.history.History=&#9642; deve essere diversa da password precedenti.
policyFailure.regex.control=&#9642; non pu&ograve; contenere pi&ugrave; di {0} caratteri di controllo.
policyFailure.regex.lower=&#9642; deve conenere almeno {0} caratteri minuscoli.
policyFailure.regex.maxCharacterRepetitions=&#9642; non pu&ograve; contentere una sequenza pi&ugrave; lunga di {0} caratteri uguali.
policyFailure.regex.maxLength=&#9642; deve contenere al massimo {0} caratteri.
policyFailure.regex.minLength=&#9642; deve contenere almeno {0} caratteri.
policyFailure.regex.nonAlnum=&#9642; deve conenere almeno {0} caratteri non alfanumerici.
policyFailure.regex.nonAscii=&#9642; non pu&ograve; contenere pi&ugrave; di {0} caratteri non ASCII.
policyFailure.regex.nonGraph=&#9642; non pu&ograve; contenere pi&ugrave; di {0} caratteri non stampabili.
policyFailure.regex.nonLetter=&#9642; non pu&ograve; contenere pi&ugrave; di {0} numeri o caratteri speciali.
policyFailure.regex.numeric=&#9642; deve contenere {0} caratteri numerici.
policyFailure.regex.upper=&#9642; deve conenere almeno {0} caratteri maiuscoli.
policyInfo.dictionary=&#9642; non pu&ograve; essere presa da un dizionario.
policyInfo.history.History=&#9642; deve essere diversa dalle password precedenti.
policyInfo.regex.control=&#9642; non pu&ograve; contenere pi&ugrave; di {0} carattere/i di controllo.
policyInfo.regex.lower=&#9642; deve conenere almeno {0} carattere/i minuscolo/i.
policyInfo.regex.maxCharacterRepetitions=&#9642; non pu&ograve; contentere una sequenza pi&ugrave; lunga di {0} caratteri uguali.
policyInfo.regex.maxLength=&#9642; deve contenere al massimo {0} carattere/i.
policyInfo.regex.minLength=&#9642; deve contenere almeno {0} carattere/i.
policyInfo.regex.nonAlnum=&#9642; deve conenere almeno {0} carattere/i non alfanumerico/i.
policyInfo.regex.nonAscii=&#9642; non pu&ograve; contenere pi&ugrave; di {0} carattere/i non ASCII.
policyInfo.regex.nonGraph=&#9642; non pu&ograve; contenere pi&ugrave; di {0} carattere/i non stampabile/i.
policyInfo.regex.nonLetter=&#9642; non pu&ograve; contenere pi&ugrave; di {0} numero/i o caratere/i speciale/i.
policyInfo.regex.numeric=&#9642; deve contenere un minimo di {0} carattere/i numerico/i.
policyInfo.regex.upper=&#9642; deve conenere almeno {0} carattere/i maiuscolo/i.
policyInfo.title=La password deve rispettare le seguenti direttive:
recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV gi&agrave; registrata
recovery_accessapp_auth.instruction1=Ha gi&agrave; registrato una nuova app AGOV access !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione.
recovery_check_code.codeIncorrect=Il codice inserito non &egrave; corretto. Riprovare.
recovery_check_code.enterRecoveryCode=Inserisca il codice di recupero
recovery_check_code.instruction=Inserire qui sotto il codice di ripristino a 12 caratteri alfanumerici. Ha ricevuto questo codice in un file PDF al momento della registration o in AGOV me.
recovery_check_code.invalid.code=Il codice non &egrave; valido
recovery_check_code.invalid.code.required=Codice richiesto
recovery_check_code.invalid.code.tooLong=Il codice &egrave; troppo lungo
recovery_check_code.noAccess=Non ho il mio codice.
recovery_check_code.noCodeAccess=Conferma di non avere il codice di ripristino?
recovery_check_code.noCodeAccessInstructions=Se non ha pi&ugrave; il codice di ripristino, acceda ad AGOV help per contattare il supporto AGOV, che la assister&agrave; nel processo di ripristino.
recovery_check_noCode.banner.error=Troppi tentativi o codice di ripristino scaduto
recovery_check_noCode.instruction1=Il codice di ripristino inserito pu&ograve; essere scaduto o &egrave; stato inserito troppe volte.
recovery_check_noCode.instruction2=Si prega di andare alla guida di AGOV aiuto per contattare un agente dell'assistenza. Saranno in grado di aiutarla con il processo di recupero.
recovery_code.banner.error=Per procedere, inserire il nuovo codice.
recovery_code.instruction=Il codice di ripristino le aiuta ad accedere al suo conto in caso in cui lei abbia perso le credentiali di accesso. Per favore, conservi il codice di ripristino in un luogo sicuro.
recovery_code.newRecoveryCode=Introduzione del codice di ripristino
recovery_code.validUntil=Valido fino a:
recovery_fidokey_auth.button=Iniziare l'authenticazione della chiave
recovery_fidokey_auth.fidoInstruction=Cliccare su "Iniziare l'authenticazione della chiave"
recovery_fidokey_auth.instruction1=Ha gi&agrave; registrato una nuova chiave di sicurezza !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
recovery_fidokey_auth.instruction2=Si prega di usare !!!SECURITY_KEY_NAME!!! per poter seguire i passaggi seguenti per identificarti.
recovery_fidokey_auth.keyRegistered=Chiave di sicurezza gi&agrave; registrata
recovery_intro_email.banner.error=Il link utilizzato &egrave; scaduto. Per ricevere un nuovo link, inserire l&rsquo;indirizzo e-mail.
recovery_intro_email.banner.info=Per ricevere il link e avviare il processo di ripristino, inserire l&rsquo;indirizzo e-mail.
recovery_intro_email.important=Importante:
recovery_intro_email.process=Il processo di ripristino deve essere utilizzato solo se ha perso l'accesso ai suoi fattori di accesso (app AGOV access eliminata, chiave di sicurezza persa, telefono smarrito, ecc.).
recovery_intro_email_sent.banner.button=Non avete ricevuto l'e-mail?
recovery_intro_email_sent.banner.success=Grazie! &Egrave; stata inviata un&rsquo;e-mail contenente il codice di ripristino e le istruzioni.
recovery_on_going.finishRecovery=Completare il ripristino
recovery_on_going.instruction=&Egrave; in corso un processo di ripristino. Il processo di ripristino pu&ograve; includere una verifica dell&rsquo;identit&agrave;. Per accedere alle applicazioni con il proprio AGOV-Login, &egrave; necessario completare la verifica dell&rsquo;identit&agrave;.
recovery_on_going.title=Completare il processo di ripristino.
recovery_questionnaire_instructions.banner.info=Tenga presente che in alcuni casi &egrave; necessario utilizzare il codice di ripristino per un ripristino riuscito.
recovery_questionnaire_instructions.explanation=In base alle sue risposte sembra essere necessario un ripristino AGOV-Login. Fare clic su Continua e seguire le istruzioni visualizzate sullo schermo.
recovery_questionnaire_instructions.instruction1=Si prega di fornire l'indirizzo email del suo account in modo di poter inviarle un link per iniziare il processo di recupero
recovery_questionnaire_instructions.instruction2=Si prega di seguire i passaggi per recuperare il suo account (i passaggi varieranno a seconda del livello di verifica dell'account)
recovery_questionnaire_loginfactor.banner.error=Si prega di selezionare una risposta.
recovery_questionnaire_loginfactor.no=No
recovery_questionnaire_loginfactor.question=Ha registrato pi&ugrave; di un fattore di accesso (app AGOV access o chiave di sicurezza) al suo account?
recovery_questionnaire_loginfactor.yes=Si
recovery_questionnaire_no_recovery.explanation1=In base alle sue risposte, l'opzione di ripristino AGOV non sembra necessaria al momento.
recovery_questionnaire_no_recovery.explanation2=Se ha bisogno di ulteriori informazioni, visiti <a class='link' href='https://agov.ch/help' target='_blank'>https://agov.ch/help</a> per articoli di supporto.
recovery_questionnaire_no_recovery.instruction1=Se riscontra problemi di accesso a un'applicazione, visiti <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> e verifichi se pu&ograve; accedere con successo.
recovery_questionnaire_no_recovery.instruction2=Se ha registrato pi&ugrave; fattori di accesso ma ha perso l'accesso a uno di essi, visit <a class='link' href='https://agov.ch/me' target='_blank'>https://agov.ch/me</a> per rimuovere quello a cui ha perso l'accesso.
recovery_questionnaire_reason_selection.answer1=Ho problemi ad accedere, anche se ho la mia app/chiave di sicurezza
recovery_questionnaire_reason_selection.answer10=Ho perso uno dei miei fattori di accesso (app AGOV access o chiave di sicurezza)
recovery_questionnaire_reason_selection.answer2=Non sono riuscito a completare la registrazione
recovery_questionnaire_reason_selection.answer3=Ho eliminato o reimpostato la mia app AGOV access
recovery_questionnaire_reason_selection.answer4=Ho perso il telefono/la chiave di sicurezza
recovery_questionnaire_reason_selection.answer5=Ho un nuovo telefono e ho dimenticato di trasferire la mia app AGOV access
recovery_questionnaire_reason_selection.answer6=Ho dimenticato il PIN dell'app AGOV access
recovery_questionnaire_reason_selection.answer7=Ho i miei token di sicurezza o le mie app, ma ho avuto problemi ad accedere
recovery_questionnaire_reason_selection.answer8=Ho perso l'accesso a tutte le mie chiavi di sicurezza e alle app AGOV access
recovery_questionnaire_reason_selection.answer9=Ho problemi con uno dei miei fattori di accesso (PIN cancellato, reimpostato, dimenticato)
recovery_questionnaire_reason_selection.banner.error=Si prega di selezionare il motivo.
recovery_questionnaire_reason_selection.instruction=Si prega di selezionare il motivo per cui sta avviando il processo di recupero:
recovery_start_info.banner.warning=Non &egrave; possibile utilizzare l&rsquo;account finch&eacute; il processo di ripristino non sar&agrave; concluso.
recovery_start_info.instruction=Durante il processo di ripristino sar&agrave; registrato un nuovo fattore di accesso. Se l&rsquo;account contiene informazioni verificate, potrebbe essere necessario avviare un processo di verifica per completare il ripristino.
recovery_start_info.title=Il processo di ripristino sta per iniziare.
reject.button.label=Rifiuti
submit.button.label=Continua
tan.sent=Inserisci il codice di sicurezza che &egrave; stato inviato al tuo telefono cellulare.
title.login=Login
title.logout=Logout
title.logout.confirmation=Logout
title.logout.reminder=Logout
title.oauth.consent=Autorizzazione del client
title.saml.failed=Error
title.timeout.page=Logout
user_input.invalid.email=Inserire un'e-mail valida.
user_input.invalid.email.required=Campo obbligatorio
user_input.invalid.email.tooLong=Il testo inserito &egrave; troppo lungo.


@ -0,0 +1,79 @@
import ch.nevis.esauth.auth.engine.AuthResponse
// for autditing
def user = session['ch.adnovum.nevisidm.user.extId'] ?: 'unknown'
def sourceIp = request.getLoginContext()['connection.HttpHeader.X-Real-IP'] ?: 'unknown'
def userAgent = request.getLoginContext()['connection.HttpHeader.user-agent'] ?: request.getLoginContext()['connection.HttpHeader.User-Agent'] ?: 'unknown'
def minLoi = session['agov.op.onboarding.minLoi'] ?: 'unknown'
if (session['agov.op.onboarding.process.state'] == null) {
// 0) remove SAMLResponse, to avoid multiple processing
request.getInArgs().remove("SAMLResponse")
// check status
if (notes['saml.response.statusCode'] == 'urn:oasis:names:tc:SAML:2.0:status:Success') {
// we have to do the checks.
// 1) compare email
if (!notes['saml.attributes.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'].equalsIgnoreCase(session['ch.nevis.idm.User.email'])) {
def lasterrorinfo = "email don't match: idm=${session['ch.nevis.idm.User.email']} idp=${notes['saml.attributes.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress']}"
response.setNote('lasterror', '9902')
response.setNote('lasterrorinfo', lasterrorinfo)
LOG.info("Event='OP-FAILED', RequestedAq='${minLoi}', User=${user}, SourceIp=${sourceIp}, UserAgent=${userAgent}, lasterror=${response.getNote('lasterror')}, lasterrorinfo='${lasterrorinfo}'")
response.setStatus(AuthResponse.AUTH_ERROR)
return
}
def homeName = notes['saml.attributes.http://schemas.eiam.admin.ch/ws/2013/12/identity/claims/fp/homeName'] ?: 'unknown'
def subject = session['ch.nevis.auth.saml.assertion.subject'] ?: 'unknown'
if (homeName == 'unknown' || subject == 'unknown') {
def lasterrorinfo = "invalid info from IdP: subject=${subject} homeName=${homeName}"
response.setNote('lasterror', '9903')
response.setNote('lasterrorinfo', lasterrorinfo)
LOG.info("Event='OP-FAILED', RequestedAq='${minLoi}', User=${user}, SourceIp=${sourceIp}, UserAgent='${userAgent}', lasterror=${response.getNote('lasterror')}, lasterrorinfo='${lasterrorinfo}'")
response.setStatus(AuthResponse.AUTH_ERROR)
return
}
// ok - create the credential
response.setSessionAttribute('agov.op.onboarding.process.state', 'createCredential')
response.setSessionAttribute('agov.op.onboarding.homeName', homeName)
response.setSessionAttribute('agov.op.onboarding.subject', subject)
response.setSessionAttribute('agov.op.onboarding.subject', session['ch.nevis.auth.saml.assertion.subject'] ?: 'unknown')
response.setResult('createSamlFedCredential')
return
} else {
def lasterrorinfo = "authentication by IdP failed: ${notes['saml.response.statusCode']}"
response.setNote('lasterror', '9903')
response.setNote('lasterrorinfo', lasterrorinfo)
LOG.info("Event='OP-FAILED', RequestedAq='${minLoi}', User=${user}, SourceIp=${sourceIp}, UserAgent='${userAgent}', lasterror=${response.getNote('lasterror')}, lasterrorinfo='${lasterrorinfo}'")
response.setStatus(AuthResponse.AUTH_ERROR)
return
}
} else if (session['agov.op.onboarding.process.state'] == 'createCredential') {
// 2 Credential created, we or done
def responseId = session['ch.nevis.auth.saml.response.id']
def homeName = session['agov.op.onboarding.homeName'] ?: 'unknown'
def subject = session['agov.op.onboarding.subject'] ?: 'unknown'
LOG.info("Event='OP-SUCCESS', RequestedAq='${minLoi}', User=${user}, SourceIp=${sourceIp}, UserAgent='${userAgent}', ResponseID='${responseId}', subject='${subject}', homeName='${homeName}'")
response.setResult('done')
return
} else {
LOG.error("invalid state: ${session['agov.op.onboarding.process.state']}")
response.setNote('lasterror', '9909')
response.setNote('lasterrorinfo', 'internal error')
response.setResult('failure')
}
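Review bot: The e-mail comparison in step 1 calls `.equalsIgnoreCase` directly on the `emailaddress` entry of `notes`, so a success response that carries no e-mail attribute ends in a NullPointerException and never reaches the audited 9902 path. Read the attribute into a local first and treat a missing value as a mismatch: `def idpEmail = notes['saml.attributes.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress']` followed by `if (idpEmail == null || !idpEmail.equalsIgnoreCase(session['ch.nevis.idm.User.email'])) {`. The `OP-FAILED` and `OP-SUCCESS` lines also interpolate the User-Agent header and IdP-supplied values (e-mail, subject, homeName) unescaped, and the first `OP-FAILED` line leaves `UserAgent` unquoted while the others quote it; passing each value through something like `.replaceAll(/[\r\n'"]/, '_')` before logging keeps one event per line and the fields parseable. The same logging pattern appears in the onboarding entry script (`OP-AUTHNREQ`, `OP-FAILED`) and in the `IDM-ADMIN-LOGIN` script further down. `agov.op.onboarding.subject` is set twice in a row just before `createSamlFedCredential`; the second call can be dropped.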


@ -0,0 +1,128 @@
import ch.nevis.esauth.auth.engine.AuthResponse
import groovy.xml.XmlSlurper
// AGOVaq conversion
def minLoiRoleToCtxClssConvertorMap = [
"level100": "urn:qa.agov.ch:names:tc:ac:classes:100",
"level200": "urn:qa.agov.ch:names:tc:ac:classes:200",
"level300": "urn:qa.agov.ch:names:tc:ac:classes:300",
"level400": "urn:qa.agov.ch:names:tc:ac:classes:400",
"level500": "urn:qa.agov.ch:names:tc:ac:classes:500"
]
def cleanSession() {
def s = request.getAuthSession(true)
s.removeAttribute('agov.op.onboarding.ctxClass')
s.removeAttribute('agov.op.onboarding.minLoi')
s.removeAttribute('agov.op.onboarding.homeName')
s.removeAttribute('agov.op.onboarding.subject')
s.removeAttribute('agov.op.onboarding.process.state')
s.removeAttribute('ch.adnovum.nevisidm.userDto')
s.removeAttribute('saml.response.statusCode')
if (response.getActualRoles().length > 0) {
def actualRoles = Arrays.copyOf(response.getActualRoles(), response.getActualRoles().length)
actualRoles.each{ role -> response.removeActualRole(role) }
}
}
// for autditing
def user = session['ch.adnovum.nevisidm.user.extId'] ?: 'unknown'
def sourceIp = request.getLoginContext()['connection.HttpHeader.X-Real-IP'] ?: 'unknown'
def userAgent = request.getLoginContext()['connection.HttpHeader.user-agent'] ?: request.getLoginContext()['connection.HttpHeader.User-Agent'] ?: 'unknown'
def minLoi = 'unknown'
// 1) makes sure, that we are or were invoked with a correct URL ticket, set error code, if not
if (inargs['cd'] == null && session['agov.op.onboarding.code'] == null) {
response.setNote('lasterror', '9901')
response.setNote('lasterrorinfo', 'valid on-boarding link required')
}
// 2a) if code as query param, store it to the session, and redirect
if (inargs['cd'] != null) {
// make sure, we are clean to be able to start over
cleanSession()
response.setSessionAttribute('agov.op.onboarding.code', inargs['cd'])
response.setStatus(AuthResponse.AUTH_CONTINUE)
response.setTransferDestination('/AUTH/ONBOARDING/')
response.setIsRedirectTransfer(true)
return
}
// 2b) clean the url, if necessary
if (request.currentResource.replaceAll('^https:\\/\\/[^\\/]+\\/AUTH\\/ONBOARDING\\/', '').length() > 0) {
response.setStatus(AuthResponse.AUTH_CONTINUE)
response.setTransferDestination('/AUTH/ONBOARDING/')
response.setIsRedirectTransfer(true)
return
}
// 3) if SAMLResponse available, process it
if (inargs['SAMLResponse'] != null) {
// we don't use a RelayState, make sure he is ignored
request.getInArgs().remove("RelayState")
response.setResult('processResponse')
return
}
// 4) check if we could already validate the ticket, and load the user
if (session['ch.adnovum.nevisidm.userDto'] != null && notes['lasterror'] == null) {
try {
def userDto = new XmlSlurper().parseText(session['ch.adnovum.nevisidm.userDto'])
def userState = userDto.state
if (userState == 'ACTIVE') {
def minLoiList = userDto.'**'.findAll { node -> node.name() == 'roles' && node.applicationName.text() == 'OP-MinLoi' }.collect({ node -> node.name.text() }).sort()
minLoi = minLoiList.isEmpty() ? null : minLoiList.first()
if (minLoi != null) {
response.setSessionAttribute('agov.op.onboarding.minLoi', minLoi)
if (minLoiRoleToCtxClssConvertorMap.containsKey(minLoi)) {
response.setSessionAttribute('agov.op.onboarding.ctxClass', minLoiRoleToCtxClssConvertorMap[minLoi])
} else {
LOG.warn("OP-ONBOARDING: Failed to convert '${minLoi}' to AGOVaq, taking 'urn:qa.agov.ch:names:tc:ac:classes:100'")
response.setSessionAttribute('agov.op.onboarding.ctxClass', "urn:qa.agov.ch:names:tc:ac:classes:100")
}
} else {
LOG.debug("OP-ONBOARDING: no 'OP-MinLoi'-role assigned to user ${user}, using AGOVaq100")
minLoi = "level100"
response.setSessionAttribute('agov.op.onboarding.minLoi', "level100")
response.setSessionAttribute('agov.op.onboarding.ctxClass', "urn:qa.agov.ch:names:tc:ac:classes:100")
}
LOG.info("Event='OP-AUTHNREQ', RequestedAq='${minLoi}', User=${user}, SourceIp=${sourceIp}, UserAgent=${userAgent}")
response.setResult('sendAuthnRequest')
} else {
// state != ACTIVE and no lasterror should not happen
LOG.error("On boarding ticket processing failed: state='${userState}' but not lasterror set")
response.setNote('lasterror', '9909')
response.setNote('lasterrorinfo', 'internal error')
}
} catch (Exception e) {
LOG.error("On boarding ticket processing failed: Exception " + e)
response.setNote('lasterror', '9909')
response.setNote('lasterrorinfo', 'internal error')
}
}
// 5) validate URL Ticket?
if (inargs['submit'] != null && notes['verifyTicket'] == null) {
response.setNote('verifyTicket', 'go')
response.setResult('verifyTicket')
return
}
// 6) if we reach that point, display the GUI
if (response.getNote('lasterror') != null) {
minLoi = session['agov.op.onboarding.minLoi'] ?: 'unknown'
LOG.info("Event='OP-FAILED', RequestedAq='${minLoi}', User=${user}, SourceIp=${sourceIp}, UserAgent=${userAgent}, lasterror=${response.getNote('lasterror')}, lasterrorinfo='${response.getNote('lasterrorinfo')}'")
cleanSession()
}
response.setStatus(AuthResponse.AUTH_CONTINUE)
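Review bot: In step 4, an `OP-MinLoi` role that is missing from `minLoiRoleToCtxClssConvertorMap` falls back to `urn:qa.agov.ch:names:tc:ac:classes:100`, the lowest-numbered class in the map, so a mistyped or newly introduced role silently lowers the class requested from the IdP and leaves only a WARN line behind. Failing closed looks safer: in that `else` branch set `response.setNote('lasterror', '9909')` and `response.setNote('lasterrorinfo', 'internal error')`, and guard the later call as `if (response.getNote('lasterror') == null) response.setResult('sendAuthnRequest')`, so step 6 logs `OP-FAILED` and cleans the session. The no-role case is logged only at debug before defaulting to `level100`; if that default is intended, a comment saying so and an INFO line would make it auditable. `minLoiList` is sorted and `first()` is taken, which picks the lowest level when a user holds several `OP-MinLoi` roles; a comment such as `// several roles: the lowest level wins (intended)` would confirm that this is deliberate.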


@ -0,0 +1 @@
bc.tracer.TraceIndentFactory=ch.nevis.bc.io.Log4jTraceIndentFactory


@ -0,0 +1,19 @@
RTENV_SECURITY_CHECK=no_shell
JAVA_OPTS=(
"-XX:+UseContainerSupport"
"-Dfile.encoding=UTF-8"
"-XX:MaxRAMPercentage=80.0"
"-Djava.net.preferIPv4Stack=true"
"-Djava.net.connectionTimeout=10000"
"-Djava.net.readTimeout=15000"
"-Dch.nevis.esauth.config=/var/opt/nevisauth/default/conf/esauth4.xml"
"-Djava.awt.headless=true"
"-javaagent:/opt/agent/opentelemetry-javaagent.jar"
"-Dotel.javaagent.logging=application"
"-Dotel.javaagent.configuration-file=/var/opt/nevisauth/default/conf/otel.properties"
"-Dotel.resource.attributes=service.version=8.2405.2,service.instance.id=$HOSTNAME"
"-Djavax.net.ssl.trustStore=/var/opt/keys/trust/auth-v1-default-tls-trust/truststore.p12"
"-Djavax.net.ssl.trustStorePassword=\${exec:/var/opt/keys/trust/auth-v1-default-tls-trust/keypass}"
)


@ -0,0 +1,2 @@
# this file is generated by nevisAdmin 4
security.provider.10=org.bouncycastle.jce.provider.BouncyCastleProvider


@ -0,0 +1,15 @@
try {
def session = request.getAuthSession(true)
def emailFromAssertion = session.getAttribute('emailFromAssertion') ?: 'unknown'
def subjectFromAssertion = session.getAttribute('ch.nevis.auth.saml.assertion.subject') ?: 'unknown'
def loginId = inargs.getProperty('isiwebuserid') ?: 'unknown'
def sourceIp = request.getLoginContext()['connection.HttpHeader.X-Real-IP'] ?: 'unknown'
def userAgent = request.getLoginContext()['connection.HttpHeader.user-agent'] ?: request.getLoginContext()['connection.HttpHeader.User-Agent'] ?: 'unknown'
LOG.warn("Event='IDM-ADMIN-LOGIN', subject from assertion=${subjectFromAssertion}, email from assertion='${emailFromAssertion}', loginId=${loginId}, SourceIp=${sourceIp}, UserAgent='${userAgent}')")
response.setResult('ok');
} catch(Exception ex) {
LOG.error("Exception in logLoginUser groovy script: " + ex)
response.setResult('error');
}
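Review bot: The `IDM-ADMIN-LOGIN` message ends with a stray `)` after `UserAgent='${userAgent}'` and quotes only some of its fields; `subject from assertion` and `loginId` are bare, and two keys contain spaces. That makes this audit event harder to parse than the `OP-*` events written by the onboarding scripts. A line such as `LOG.warn("Event='IDM-ADMIN-LOGIN', Subject='${subjectFromAssertion}', Email='${emailFromAssertion}', LoginId='${loginId}', SourceIp=${sourceIp}, UserAgent='${userAgent}'")` would match them. `loginId` is read straight from the request (`inargs`), so it should have CR/LF and quote characters stripped before it is logged, like the User-Agent value.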


@ -0,0 +1,39 @@
Configuration:
monitorInterval: 60
Appenders:
Console:
- name: "SERVER"
target: "SYSTEM_OUT"
PatternLayout:
pattern: "[esauth4sv.log] %d{ISO8601} %-15.15t %mdc{trace_id} %mdc{span_id} %-20.20c %-5.5p %m%n"
RegexFilter:
regex: ".*GET /nevisauth/liveness.*"
onMatch: "DENY"
onMismatch: "ACCEPT"
Loggers:
Logger:
- name: "EsAuthStart"
level: "INFO"
- name: "org.apache.catalina.loader.WebappClassLoader"
level: "FATAL"
- name: "org.apache.catalina.startup.HostConfig"
level: "ERROR"
- name: "ch.nevis.esauth.events"
level: "FATAL"
- name: "AGOVOP-ACCT"
level: "INFO"
- name: "AuthEngine"
level: "INFO"
- name: "AuthPerf"
level: "INFO"
- name: "Script"
level: "INFO"
- name: "StdStates"
level: "INFO"
- name: "Vars"
level: "INFO"
Root:
level: "WARN"
additivity: "false"
AppenderRef:
- ref: "SERVER"


@ -0,0 +1,16 @@
server:
name: "default"
protocol: "https"
port: "8991"
host: "0.0.0.0"
tls:
keystore: "/var/opt/keys/own/auth-v1-default-identity/keystore.p12"
keystore-passphrase: "${exec:/var/opt/keys/own/auth-v1-default-identity/keypass}"
client-auth: "required"
truststore: "/var/opt/keys/trust/auth-v1-default-tls-client-trust/truststore.p12"
truststore-passphrase: "${exec:/var/opt/keys/trust/auth-v1-default-tls-client-trust/keypass}"
management:
server:
port: "9000"
healthchecks:
enabled: "true"
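Review bot: The `management` listener on port `9000` is declared without a `host` or `tls` setting, while the main listener on `8991` demands client certificates (`client-auth: "required"`); if the management server binds to all interfaces over plain HTTP, as this suggests, the health endpoint is reachable without mutual TLS. Confirm that port 9000 is reachable only by the platform's probes, for example through a NetworkPolicy in the namespace, and that it serves nothing beyond health checks. A comment above `management:` such as `# plain-HTTP health endpoint for probes only; access restricted by NetworkPolicy` would record that intent. The indentation is lost in this rendering, so the note assumes `server`, `port` and `healthchecks` all sit under `management`.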


@ -0,0 +1,4 @@
otel.service.name = auth
otel.traces.exporter = none
otel.metrics.exporter = none
otel.logs.exporter = none


@ -0,0 +1,23 @@
// nevisProxy replaces the entire AUTH: scope when new outargs are returned by nevisAuth.
// Thus, we have to store tokens in the session (as a String) and restore them on subsequent step-ups.
// restore tokens
session.each { key, value ->
if (key.startsWith('outarg.token.')) {
def name = key.substring(7)
if (outargs.containsKey(name)) {
LOG.debug("not restoring token (outarg: $name) from session: outarg already set")
}
else {
LOG.debug("restoring token (outarg: $name) from session")
outargs.put(name, value)
}
}
}
// store tokens
outargs.each { name, value ->
if (name.startsWith('token.')) {
session.put('outarg.' + name, value)
}
}
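Review bot: In the restore loop, `key.substring(7)` depends on the length of the `'outarg.'` prefix that the store loop prepends; writing it as `key.substring('outarg.'.length())`, or sharing one prefix constant between both loops, keeps the two halves in step. The restore branch also puts back whatever string is in the session with no freshness check. That is fine if the tokens carry their own expiry and the consuming application validates it, but nothing in this script shows that, so a comment should state the assumption: `// restored tokens are not re-validated here; consumers must check token expiry`.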


@ -0,0 +1,22 @@
import ch.nevis.esauth.auth.states.saml.util.Communicator
import ch.nevis.esauth.auth.states.saml.util.Communicator.RelayStateProtection
def redirect(location) {
outargs.put('nevis.transfer.type', 'redirect')
outargs.put('nevis.transfer.destination', location)
}
// ServiceProviderState is not a finisher for AUTH_DONE
// thus the RelayState is stored in the session and the redirect is done here
// this is needed when a post-processing flow is assigned in the SAML SP Realm
def encodedRelayState = session.get('cached-RelayState')
if (encodedRelayState != null) {
def communicator = new Communicator()
communicator.setRelayStateProtection(RelayStateProtection.OBFUSCATED_AND_ENCODED)
def url = communicator.decodeRelayState(encodedRelayState)
if (url != null) {
LOG.debug("redirecting to ${url} according to stored RelayState")
session.remove('cached-RelayState')
redirect(url)
}
}
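Review bot: `redirect(url)` sends the browser to whatever `decodeRelayState` returns, and the `cached-RelayState` value being decoded is copied from the `RelayState` request parameter by the script in the next file, so the destination is caller-supplied; `OBFUSCATED_AND_ENCODED` reads as an encoding rather than an integrity check, though the Communicator internals are not visible here. Before redirecting, compare the decoded URL's host with the hosts this realm serves, for example `if (!(new URI(url).host in allowedHosts)) { LOG.warn('ignoring RelayState with unexpected host'); return }`, where `allowedHosts` is a placeholder for a configured list. The same applies to `handleSessionUpgradePathRelayState()` in the step-up script further down, which writes the decoded `relayState` parameter into `nevis.transfer.destination` with no check. Also remove `cached-RelayState` from the session when the URL is rejected or null, so a bad value is not picked up again on a later pass.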


@ -0,0 +1,51 @@
// restore roles and authentication level
// which may have been returned in the AuthnContext of the SAML Response
// example: saml.assertion.authnContextClassRef = auth.weak,2,urn:nevis:level:2
def context = notes['saml.assertion.authnContextClassRef']
if (context != null) {
LOG.debug("SAML Response contains AuthnContextClassRef: $context")
def roles = []
Integer maximumLevel = null
context.split(',').each { value ->
if (value.startsWith('urn:nevis:level:')) {
// remove prefix
def level = Integer.parseInt(value.substring(16))
LOG.debug("found level: $level")
if (maximumLevel == null || level > maximumLevel) {
maximumLevel = level
}
}
else {
LOG.debug("adding role $value from SAML Response / AuthnContext")
roles.add(value)
}
}
response.setAuthLevel("$maximumLevel")
if (!roles.isEmpty()) {
response.setActualRoles(roles as String[])
}
}
// revoke token roles to ensure that Application Access Tokens are recreated (stepup)
def roles = []
response.actualRoles.each { role ->
if (!role.startsWith('token.')) {
roles.add(role)
}
}
response.setActualRoles(roles as String[])
// ensure session exists
if (request.getSession(false) == null) {
session = request.getSession(true).getData()
}
// store RelayState query parameter in the session to ensure user can be redirected
// the redirect is performed by a script in case post-processing steps are assigned
if (inargs.containsKey('RelayState')) {
def value = inargs.get("RelayState")
session.put('cached-RelayState', value)
}
// set transition to signal that the script has been successfully executed
response.setResult('ok')
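Review bot: `response.setAuthLevel("$maximumLevel")` runs even when no `urn:nevis:level:` entry was found, in which case `maximumLevel` is still null and the GString evaluates to the text `null`. Guard the call with `if (maximumLevel != null) { response.setAuthLevel("$maximumLevel") }` and decide explicitly what an assertion without a level should mean. `Integer.parseInt(value.substring(16))` is also unguarded, so a malformed level throws out of the script; how the engine treats that is not visible here, and catching `NumberFormatException` with a `LOG.warn` and an explicit error result would make the outcome deliberate. The roles taken from the same attribute are trusted as-is, which is only sound if the assertion's signature has been verified before this script runs.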


@ -0,0 +1,62 @@
import java.util.zip.Inflater
import java.util.zip.InflaterInputStream
def extractPost(String value) {
if (value == null) {
return
}
String text
if (value.startsWith("<")) {
text = value
}
else {
text = new String(value.decodeBase64())
}
def xml = new groovy.xml.XmlSlurper().parseText(text)
// according to the SAML spec Issuer is optional but we need it for dispatching
def issuer = xml.depthFirst().find { it -> it.name().equalsIgnoreCase("Issuer") }?.text()
session.put("saml.inbound.issuer", issuer)
}
def extractQuery(String value) {
byte[] d2 = Base64.getDecoder().decode(value)
def d3 = new ByteArrayInputStream(d2)
def d4 = new InflaterInputStream(d3, new Inflater(true))
def xml = new groovy.xml.XmlSlurper().parse(d4)
// according to the SAML spec Issuer is optional but we need it for dispatching
def issuer = xml.depthFirst().find { it -> it.name().equalsIgnoreCase("Issuer") }?.text()
session.put("saml.inbound.issuer", issuer)
}
def handleMessage(String name) {
def value = inargs.get(name)
def resource = request.getCurrentResource()
def url = new URL(resource)
def query = url.getQuery()
if (query != null && query.contains(name)) {
notes.put("saml.inbound.binding", "redirect")
extractQuery(value)
}
else {
notes.put("saml.inbound.binding", "post")
extractPost(value)
}
}
if (inargs.containsKey("SAMLResponse")) {
handleMessage("SAMLResponse")
}
else if (inargs.containsKey("SAMLRequest")) {
handleMessage("SAMLRequest")
}
else if (inargs.containsKey("soapheader")) {
handleMessage("soapheader")
}
else { // no incoming message.
if (request.getCurrentResource().matches('^http[s]?\u003A//[^/]+/SAML2/ACS/.*$')) {
LOG.debug("denying request without incoming message on ACS path")
return // giving up
}
}
response.setResult('ok')
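Review bot: `extractQuery` inflates and parses the request parameter with no size limit, and this dispatcher appears to run before the message has been validated, so the work is done on unauthenticated input. Read the inflated stream through a cap before parsing, e.g. `def bytes = d4.readNBytes(MAX_SAML_BYTES + 1)` (Java 11+) followed by `if (bytes.length > MAX_SAML_BYTES) { LOG.warn('SAML message too large'); return }`, with `MAX_SAML_BYTES` a placeholder constant, and give `extractQuery` the same `value == null` guard that `extractPost` has. The binding test `query.contains(name)` is a substring match on the whole query string, so a POST whose URL merely mentions the parameter name is sent down the inflate path and fails there. The issuer stored in `saml.inbound.issuer` comes from the unverified message and should be used for dispatching only, which a comment at the `session.put` should say. The next file on this page is identical to this one, so these points apply to it as well.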


@ -0,0 +1,62 @@
import java.util.zip.Inflater
import java.util.zip.InflaterInputStream
def extractPost(String value) {
if (value == null) {
return
}
String text
if (value.startsWith("<")) {
text = value
}
else {
text = new String(value.decodeBase64())
}
def xml = new groovy.xml.XmlSlurper().parseText(text)
// according to the SAML spec Issuer is optional but we need it for dispatching
def issuer = xml.depthFirst().find { it -> it.name().equalsIgnoreCase("Issuer") }?.text()
session.put("saml.inbound.issuer", issuer)
}
def extractQuery(String value) {
byte[] d2 = Base64.getDecoder().decode(value)
def d3 = new ByteArrayInputStream(d2)
def d4 = new InflaterInputStream(d3, new Inflater(true))
def xml = new groovy.xml.XmlSlurper().parse(d4)
// according to the SAML spec Issuer is optional but we need it for dispatching
def issuer = xml.depthFirst().find { it -> it.name().equalsIgnoreCase("Issuer") }?.text()
session.put("saml.inbound.issuer", issuer)
}
def handleMessage(String name) {
def value = inargs.get(name)
def resource = request.getCurrentResource()
def url = new URL(resource)
def query = url.getQuery()
if (query != null && query.contains(name)) {
notes.put("saml.inbound.binding", "redirect")
extractQuery(value)
}
else {
notes.put("saml.inbound.binding", "post")
extractPost(value)
}
}
if (inargs.containsKey("SAMLResponse")) {
handleMessage("SAMLResponse")
}
else if (inargs.containsKey("SAMLRequest")) {
handleMessage("SAMLRequest")
}
else if (inargs.containsKey("soapheader")) {
handleMessage("soapheader")
}
else { // no incoming message.
if (request.getCurrentResource().matches('^http[s]?\u003A//[^/]+/SAML2/ACS/.*$')) {
LOG.debug("denying request without incoming message on ACS path")
return // giving up
}
}
response.setResult('ok')


@ -0,0 +1,91 @@
import ch.nevis.esauth.auth.states.saml.util.Communicator
boolean isLevel(String role) {
if (role != null && role.isNumber()) {
def number = Integer.parseInt(role)
if (number > 0 && number <= 9) {
return true
}
}
return false
}
def populateRequiredRoles() {
def requiredRoles = request.getRequiredRoles()
// set required roles on Session Upgrade Path
if (requiredRoles == null || requiredRoles.length == 0) {
if (inargs.containsKey('level')) {
def level = inargs.get('level')
LOG.debug("requested authentication level $level on session upgrade path")
String[] roles = [ level ]
request.setRequiredRoles(roles)
}
else {
LOG.debug('no authentication level requested')
// set a dummy role which never exists
// to force the SP to send an AuthnRequest to the IDP
String[] roles = [ 'dummy' ]
request.setRequiredRoles(roles)
}
}
// stepup triggered by Authorization Policy with Authentication Level
else if (requiredRoles.length > 1) {
// we strip this down to send only the desired level to the IDP
def level = requiredRoles.min()
LOG.debug("required minimum authentication level: $level")
String[] roles = [ level ]
request.setRequiredRoles(roles)
}
}
// redirect back to application if on Session Upgrade Path
def handleSessionUpgradePathRelayState() {
if (inargs.containsKey('relayState')) {
def encodedRelayState = inargs.get('relayState')
def communicator = new Communicator()
def url = communicator.decodeRelayState(encodedRelayState)
if (url != null) {
LOG.debug("user will be redirected to $url")
outargs.put('nevis.transfer.destination', url)
}
}
}
if (inargs.containsKey('SAMLResponse')) {
// consume SAML Response from IDP
LOG.debug('received SAML Response')
return // continue with ResultCond default
}
populateRequiredRoles()
// if any of the required authentication levels is already achieved
// then we can terminate the stepup early
// this is a work-around for SecurityRoleFilter
// which does not notice when the stepup process ends with AUTH_DONE on a different location
for (String role : request.getRequiredRoles()) {
if (isLevel(role)) {
LOG.debug("found level: $role")
def range = Integer.parseInt(role)..9
for (Integer level : range) { // higher levels are fine as well
LOG.debug("checking if level $level has been reached...")
if (response.actualRoles.contains("$level")) {
LOG.debug("required level $level has already been reached - skipping session upgrade")
handleSessionUpgradePathRelayState()
response.setResult('done')
return
}
}
}
}
if (session.containsKey('force-saml-authn')) {
LOG.debug('clearing force-saml-authn flag')
// clear marker
session.remove('force-saml-authn')
handleSessionUpgradePathRelayState()
}
else {
LOG.debug('setting force-saml-authn')
session.put('force-saml-authn', 'true')
}
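Review bot: In `populateRequiredRoles`, the `level` request parameter becomes the required role without passing through `isLevel`, although that helper is defined a few lines above; `if (isLevel(level)) { request.setRequiredRoles([level] as String[]) }`, falling back to the `dummy` role otherwise, keeps arbitrary strings out of the role list. In the `requiredRoles.length > 1` branch, `requiredRoles.min()` compares strings, so it picks the lexically smallest entry, which is the lowest level only while every entry is a single digit; filtering with `isLevel` first would make that explicit. `handleSessionUpgradePathRelayState` builds a `Communicator` without the `setRelayStateProtection` call used by the redirect script earlier on this page, and it sets `nevis.transfer.destination` without `nevis.transfer.type`; if that difference is intended, a comment should say why.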


@ -0,0 +1,7 @@
try {
response.setSessionAttribute('emailFromAssertion', notes['saml.attributes.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'])
response.setResult('ok');
} catch(Exception ex) {
LOG.error("Exception in saveEmailFromAssertionToSession groovy script: " + ex)
response.setResult('error');
}
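Review bot: The catch block logs `"..." + ex`, which records only the exception's string form and drops the stack trace; the profile-selection script on this page already uses the two-argument form, so `LOG.error("Exception in saveEmailFromAssertionToSession groovy script", ex)` would match it. When the e-mail claim is absent, the `notes[...]` lookup is presumably null and the script still returns `ok` with a null session attribute. A `LOG.warn` for that case would make later log lines that print `emailFromAssertion` easier to interpret.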


@ -0,0 +1,74 @@
import groovy.xml.XmlSlurper
def idmSeverityRoleMap = [
"EnterpriseRoleAdmin": [11, "op-idmlogin.role.accs-mgmt-idm"],
"ClientRoot": [12, "op-idmlogin.role.support-priv"],
"AppAdmin": [20, "op-idmlogin.role.idmcfg-mgmt"],
"AppOwner": [5, "op-idmlogin.role.accs-mgmt-nonidm"],
"UserAndUnitAdmin": [7, "op-idmlogin.role.usr-unit-mgmt"],
"UserAdmin": [6, "op-idmlogin.role.usr-mgmt"],
"TemplateAdmin": [10, "op-idmlogin.role.support-basic"],
"Helpdesk": [1, "op-idmlogin.role.readonly-access" ]
]
try {
def dtoString = session['ch.adnovum.nevisidm.userDto']
def idmDto = new XmlSlurper().parseText(dtoString)
def idmPrfMap = idmDto.'**'.findAll
{ prf -> prf.name() == 'profiles'
&& prf.'**'.find
{ role -> role.name() == 'roles'
&& role.applicationName.text() == 'nevisIdm'
}
}.collectEntries { prf -> [ prf.extId.text(),
prf.'**'.findAll
{ role -> role.name() == 'roles'
&& role.applicationName.text() == 'nevisIdm'
}.collect{ rolePrioEntry -> idmSeverityRoleMap[rolePrioEntry.name.text()] ?: [1000, "DO-NOT-USE(${rolePrioEntry.name.text()})"]
}.sort { a, b -> a[0] <=> b[0] // sort by severity
}.last()[1] // take label of the ighest one
] }
if ((inargs.getProperty('submit', '') == 'go') && idmPrfMap.containsKey(inargs.getProperty('profile_selection', 'missing'))) {
// user selected a profile which exists, we take it
def operationsProfileExtId = inargs.getProperty('profile_selection', 'missing')
LOG.info("User selected profile: ${operationsProfileExtId} '${idmPrfMap.get(operationsProfileExtId)}'")
response.setSessionAttribute('operationsProfileExtId', '' + operationsProfileExtId)
response.setResult('ok')
return
} else if (idmPrfMap.size() == 1) {
// we take the only profile, with an IDM role
def operationsProfileExtId = idmPrfMap.keySet().first()
LOG.info("taking the only profile with an idm role: ${operationsProfileExtId} '${idmPrfMap.get(operationsProfileExtId)}'")
response.setSessionAttribute('operationsProfileExtId', '' + operationsProfileExtId)
response.setResult('ok')
return
} else if (idmPrfMap.isEmpty()) {
// no profile with an IDM role, do nothing
response.setResult('ok')
return
} else {
// user should select a profile
response.setGuiName('op_idmlogin_select_profile')
idmPrfMap.each {
response.addRadioGuiField('profile_selection', it.value, it.key)
}
response.addButtonGuiField('submit', 'general.continue', 'go')
response.setStatus(ch.nevis.esauth.auth.engine.AuthResponse.AUTH_CONTINUE)
return
}
} catch (Exception e) {
def errorMsg = "Failed to process profile selection: ${e.getMessage()}"
LOG.error(errorMsg, e)
response.setError(9901, errorMsg)
response.setResult('error')
}
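Review bot: In the catch block, `response.setError(9901, errorMsg)` passes the exception message into the response; if that text is rendered to the user, parser or internal details reach the browser. Keep the detail in the log and return fixed text: `response.setError(9901, 'Failed to process profile selection')`. In the role lookup, an unmapped role name gets severity 1000 and therefore always wins the sort, so the profile is labelled `DO-NOT-USE(...)` even when it also holds known roles; if that is intended as a tripwire, a comment next to the fallback should say so.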


@ -0,0 +1,32 @@
try {
def s = request.getAuthSession(true)
LOG.info("operationsExtId: ${notes['saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/operationsUserExtId']}")
LOG.info("operationsUserProfileExtIdList: ${notes['saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/operationsUserProfileExtId']}")
if (notes['saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/operationsUserExtId'] == null || notes['saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/operationsUserProfileExtId'] == null) {
LOG.error("[OPACCESS] User ${notes['saml.assertion.subject']} tried to access without operations account or profile")
response.setResult('error');
return
}
response.setSessionAttribute('operationsExtId', notes['saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/operationsUserExtId'])
// we take the first one, if there is no profile in the operations unit
def unitAndProfileExtidPar = notes['saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/operationsUserProfileExtId']
.split(',').find{pairstr -> pairstr.split("\\\\")[1] == "130274ee-7e24-4050-9b94-d5717ef52ade" }
?: notes['saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/operationsUserProfileExtId'].split(',')[0]
if (! unitAndProfileExtidPar.contains('130274ee-7e24-4050-9b94-d5717ef52ade') )
{
LOG.info("[OPACCESS] User ${notes['saml.assertion.subject']} with opaccount ${notes['saml.attributes.http://schemas.agov.ch/ws/2023/05/identity/claims/operationsUserExtId']} has no operations profile, we use the first one")
}
response.setSessionAttribute('operationsProfileExtId', unitAndProfileExtidPar.split("\\\\")[0])
response.setResult('ok');
} catch(Exception ex) {
LOG.warn("Exception in selectProfile groovy script: " + ex)
response.setResult('error');
}
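Review bot: The operations unit id `130274ee-7e24-4050-9b94-d5717ef52ade` is written twice and tested two different ways: the `find` compares the second backslash-separated field exactly, while the later `contains` matches the id anywhere in the pair, including the profile part. Hold the id in one named constant and reuse the same field comparison for the log decision. `pairstr.split("\\\\")[1]` throws on an entry without a separator, which the catch-all turns into a WARN and an `error` result with no hint of the cause; checking the field count first gives a clearer message. The fallback to the first listed profile when no operations-unit profile exists still returns `ok`, so confirm that a profile from another unit is acceptable for this login. The unused `def s = request.getAuthSession(true)` can go unless the call is there to force session creation, in which case a comment should say so.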


@ -0,0 +1,79 @@
#!/bin/bash
#
# NAME
# status.sh - Checks the status of the nevisAuth instance.
#
# SYNOPSIS
# status.sh
#
# DESCRIPTION
# Performs periodic checks until the instance is up or broken or timeout is reached.
# The script terminates when the process of the instance stops running.
# There are no arguments for this script.
#
# EXIT CODES
# 0 Instance is up.
# 1 Instance process is not running.
# 2 Instance is broken.
# 3 Timeout reached.
# Defines how much we should sleep between checking if the instance is up.
interval=1
# Defines how much we should wait the instance to start up until we give up and exit.
timeout=70
((end_time=${SECONDS}+$timeout))
# Checks if the process of the instance is still running.
# Arguments:
# None
# Returns:
# In case it is running, returns 0, otherwise non-zero (exit code of systemctl).
isProcessRunning() {
systemctl is-active --quiet nevisauth@default
IS_RUNNING=$?
return $IS_RUNNING
}
# Checks if the instance is up. (Attempts connecting to the instance)
# Arguments:
# None
# Returns:
# If the connection was successful and the instance up (is not broken), returns 0.
# If the connection was not successful, returns 1.
checkInstance() {
lsof -i :8991 -sTCP:LISTEN
EXIT_CODE=$?
return $EXIT_CODE
}
# This function encapsulates the logic of checking if the process is running and if the instance is up.
# In case the process is not running, exits with exit code 1.
# Arguments:
# None
# Returns:
# If the instance process is running, returns the result of the instance check function.
check() {
if isProcessRunning
then
checkInstance
CS=$?
return $CS
else
echo "Process is not running."
exit 1
fi
}
# Check the status of the instance periodically.
while ((${SECONDS} < ${end_time}))
do
sleep ${interval}
if check
then
echo "Instance is up."
exit 0
fi
done
echo "Exceeded check timeout (70s). Instance is down."
exit 3
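Review bot: The header documents exit code 2 ("Instance is broken"), but no path in the script returns it, and `checkInstance` is described as attempting a connection while it only asks `lsof` whether something listens on port 8991. Either implement the broken-state check or remove code 2 and reword the comment to `# Checks whether a process is listening on the instance port.`. The timeout message hard-codes `70s`; `echo "Exceeded check timeout (${timeout}s). Instance is down."` keeps it in step with the variable. `lsof` prints to stdout on every poll, so `lsof -i :8991 -sTCP:LISTEN >/dev/null` would keep the caller's output to the status lines.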


@ -0,0 +1,20 @@
apiVersion: "operator.nevis-security.ch/v1"
kind: "NevisKeyStore"
metadata:
name: "idm-job-v1-default-identity"
namespace: "adn-agov-nevisidm-admin-01-uat"
labels:
deploymentTarget: "idm-job-v1"
annotations:
projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
patternId: "641ac4edf0c17383d3c0ea38"
spec:
cn: "idm-job-v1"
usage: "<reserved for future use>"
san:
dns:
- "idm-job-v1"
- "idm-job-v1.adn-agov-nevisidm-admin-01-uat"
- "idm-job-v1-web"
- "idm-job-v1-web.adn-agov-nevisidm-admin-01-uat"
email: []


@ -0,0 +1,12 @@
apiVersion: "operator.nevis-security.ch/v1"
kind: "NevisTrustStore"
metadata:
name: "idm-job-v1-default-signer-trust"
namespace: "adn-agov-nevisidm-admin-01-uat"
labels:
deploymentTarget: "idm-job-v1"
annotations:
projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
patternId: "641ac4edf0c17383d3c0ea38"
spec:
keystores: []


@ -0,0 +1,12 @@
apiVersion: "operator.nevis-security.ch/v1"
kind: "NevisTrustStore"
metadata:
name: "idm-job-v1-default-tls-client-trust"
namespace: "adn-agov-nevisidm-admin-01-uat"
labels:
deploymentTarget: "idm-job-v1"
annotations:
projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
patternId: "641ac4edf0c17383d3c0ea38"
spec:
keystores: []


@ -0,0 +1,64 @@
apiVersion: "operator.nevis-security.ch/v1"
kind: "NevisComponent"
metadata:
name: "idm-job-v1"
namespace: "adn-agov-nevisidm-admin-01-uat"
labels:
deploymentTarget: "idm-job-v1"
annotations:
projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
patternId: "641ac4edf0c17383d3c0ea38"
spec:
type: "NevisIDM"
replicas: 1
version: "8.2405.2"
gitInitVersion: "1.3.0"
runAsNonRoot: true
ports:
management: 8998
soap: 8989
resources:
limits:
cpu: "1000m"
memory: "2200Mi"
requests:
cpu: "10m"
memory: "500Mi"
livenessProbe:
management:
httpGet:
path: "/liveness"
periodSeconds: 30
timeoutSeconds: 6
readinessProbe:
management:
httpGet:
path: "/health"
periodSeconds: 30
timeoutSeconds: 6
startupProbe:
management:
httpGet:
path: "/health"
periodSeconds: 30
timeoutSeconds: 6
failureThreshold: 10
podDisruptionBudget:
maxUnavailable: "50%"
git:
tag: "r-29c1b415348a6c1b8b32c65f6f40449f8c7765b0"
dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-job-v1"
credentials: "git-credentials"
keystores:
- "idm-job-v1-default-identity"
truststores:
- "idm-job-v1-default-tls-client-trust"
- "idm-job-v1-default-signer-trust"
podSecurity:
policy: "baseline"
automountServiceAccountToken: false
timeZone: "Europe/Zurich"
secrets:
secret:
- "a2068eb83a60702322c13949-27ed70d3"
- "c418560f50e0332d087e85bf-89ec31e5"
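Review bot: `podSecurity.policy` is set to `"baseline"`, the less strict of the two hardened Pod Security Standards levels, while the rest of the spec (`runAsNonRoot: true`, `automountServiceAccountToken: false`) already leans towards `restricted`. If the operator and the image accept it, `policy: "restricted"` would be the tighter choice; otherwise a comment such as `# baseline: <reason restricted is not possible>` records the decision. With `replicas: 1`, `podDisruptionBudget.maxUnavailable: "50%"` presumably rounds up to one pod, so the budget does not prevent eviction of the only instance; that is fine for a batch-job instance if it is intended.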


@ -0,0 +1,18 @@
schemaVersion: 1.0
instance:
type: "nevisidm"
name: "default"
directory: "/var/opt/nevisidm/default"
pid: "systemctl show nevisidm@default -p MainPID | cut -d '=' -f2"
source:
url: "/nevisadmin/#/projects/DEFAULT-ADN-AGOV-ADMIN-PROJECT/patterns/641ac4edf0c17383d3c0ea38"
projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
patternId: "641ac4edf0c17383d3c0ea38"
patternClass: "ch.nevis.admin.v4.plugin.nevisidm.patterns.NevisIDMDeployable"
resources:
ports:
- "0.0.0.0:8989"
control:
start: "systemctl restart nevisidm@default"
stop: "systemctl stop nevisidm@default"
status: "systemctl status nevisidm@default"


@ -0,0 +1,45 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----


@ -0,0 +1,34 @@
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.TemplateAdmin=nevisIdm.SelfAdmin
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.UserAdmin=nevisIdm.UserAdmin,nevisIdm.SelfAdmin,nevisIdm.Helpdesk,nevisIdm.TemplateAdmin,nevisIdm.UserAndUnitAdmin,nevisIdm.AppAdmin,nevisIdm.AppOwner
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.Root=nevisIdm.SelfAdmin,nevisIdm.UserAdmin,nevisIdm.UserAndUnitAdmin,nevisIdm.MainAppOwner,nevisIdm.AppOwner,nevisIdm.Helpdesk,nevisIdm.TechUser,nevisIdm.AppAdmin,nevisIdm.SoapTechAccess,nevisIdm.SoapTechAccessReadOnly,nevisIdm.Root,nevisIdm.TemplateAdmin,nevisIdm.ClientRoot,nevisIdm.Impersonator,nevisIdm.EnterpriseRoleAdmin,nevisIdm.EnterpriseRoleOwner
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.AppOwner=nevisIdm.AppOwner,nevisIdm.UserAdmin,nevisIdm.SelfAdmin,nevisIdm.Helpdesk,nevisIdm.TemplateAdmin,nevisIdm.UserAndUnitAdmin,nevisIdm.AppAdmin
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.AppAdmin=nevisIdm.SelfAdmin
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.SoapTechAccessReadOnly=
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.TechUser=
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.ClientRoot=nevisIdm.ClientRoot,nevisIdm.UserAdmin,nevisIdm.SelfAdmin,nevisIdm.Helpdesk,nevisIdm.TemplateAdmin,nevisIdm.UserAndUnitAdmin,nevisIdm.AppAdmin,nevisIdm.AppOwner
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.Impersonator=
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.EnterpriseRoleAdmin=nevisIdm.EnterpriseRoleAdmin,nevisIdm.UserAdmin,nevisIdm.SelfAdmin,nevisIdm.Helpdesk,nevisIdm.TemplateAdmin,nevisIdm.UserAndUnitAdmin,nevisIdm.AppAdmin,nevisIdm.AppOwner
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.Helpdesk=nevisIdm.SelfAdmin
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.BatchJobAdmin=
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.MainAppOwner=
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.UserAndUnitAdmin=nevisIdm.SelfAdmin
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.SelfAdmin=
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.SoapTechAccess=nevisIdm.SelfAdmin,nevisIdm.UserAdmin,nevisIdm.UserAndUnitAdmin,nevisIdm.MainAppOwner,nevisIdm.AppOwner,nevisIdm.Helpdesk,nevisIdm.TechUser,nevisIdm.AppAdmin,nevisIdm.SoapTechAccess,nevisIdm.SoapTechAccessReadOnly,nevisIdm.TemplateAdmin,nevisIdm.EnterpriseRoleOwner
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.EnterpriseRoleOwner=
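Review bot: Nothing in this file says which of the three role files configured for nevisIDM it is or what the right-hand side means, and the entries are uneven in a way that deserves a second look: `nevisIdm.UserAdmin` and `nevisIdm.AppOwner` list `nevisIdm.AppAdmin`, `nevisIdm.UserAndUnitAdmin` and each other, while `nevisIdm.AppAdmin` and `nevisIdm.UserAndUnitAdmin` themselves map only to `nevisIdm.SelfAdmin`. If the list is the set of roles a holder may grant or manage, an administrator could hand out roles that the severity map in the profile-selection script on this page ranks above its own (AppAdmin 20 against UserAdmin 6). A header comment stating the file's purpose and the direction of the mapping, e.g. `# <role>=<roles that role may assign>` once confirmed, would let reviewers judge entries like these.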


@ -0,0 +1,87 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
<bean class="org.springframework.scheduling.quartz.SchedulerFactoryBean" id="exportScheduler">
<property name="jobDetails">
<list>
<ref bean="IDM_Prune_History_Job"/>
<ref bean="pruneShadowAccountsJob"/>
</list>
</property>
<property name="triggers">
<list>
<ref bean="IDM_Prune_History_Job_Trigger"/>
<ref bean="pruneShadowAccountsJobTrigger"/>
</list>
</property>
<property name="dataSource">
<ref bean="dataSource"/>
</property>
<property name="quartzProperties">
<props>
<prop key="org.quartz.scheduler.instanceId">AUTO</prop>
<prop key="org.quartz.scheduler.instanceName">exportScheduler</prop>
<prop key="org.quartz.scheduler.makeSchedulerThreadDaemon">true</prop>
<prop key="org.quartz.threadPool.class">org.quartz.simpl.SimpleThreadPool</prop>
<prop key="org.quartz.threadPool.makeThreadsDaemons">true</prop>
<prop key="org.quartz.threadPool.threadCount">1</prop>
<prop key="org.quartz.jobStore.tablePrefix">TIDMQ_</prop>
<prop key="org.quartz.jobStore.class">org.springframework.scheduling.quartz.LocalDataSourceJobStore</prop>
<prop key="org.quartz.jobStore.driverDelegateClass">#{databaseConfigurationService.getDatabaseType() == T(ch.adnovum.nevisidm.service.properties.DatabaseType).POSTGRESQL ? 'org.quartz.impl.jdbcjobstore.PostgreSQLDelegate' : 'org.quartz.impl.jdbcjobstore.StdJDBCDelegate' }</prop>
<prop key="org.quartz.jobStore.isClustered">true</prop>
<prop key="org.quartz.jobStore.useProperties">false</prop>
</props>
</property>
<property name="applicationContextSchedulerContextKey" value="applicationContext"/>
</bean>
<bean class="org.springframework.scheduling.quartz.JobDetailFactoryBean" id="IDM_Prune_History_Job">
<property name="name" value="IDM_Prune_History_Job"/>
<property name="description" value="Batch Job IDM Prune History Job"/>
<property name="group" value="BatchGroup"/>
<property name="jobClass" value="ch.nevis.idm.batch.jobs.PruneHistoryJob"/>
<property name="durability" value="true"/>
<property name="jobDataMap">
<bean class="org.quartz.JobDataMap">
<constructor-arg>
<map>
<entry key="days" value="365"/>
</map>
</constructor-arg>
</bean>
</property>
</bean>
<bean class="org.springframework.scheduling.quartz.JobDetailFactoryBean" id="pruneShadowAccountsJob">
<property name="description" value="Archive and delete obsolete shadow accounts"/>
<property name="jobClass" value="ch.nevis.idm.batch.jobs.UpdateUserStateJob"/>
<property name="durability" value="true"/>
<property name="jobDataMap">
<bean class="org.quartz.JobDataMap">
<constructor-arg>
<map>
<entry key="daysNoActivity" value="-1"/>
<entry key="considerUsersNeverLoggedIn" value="true"/>
<entry key="sendWarning" value="false"/>
<entry key="daysGracePeriod" value="1"/>
<entry key="daysStatusDisabled" value="15"/>
<entry key="daysStatusArchived" value="85"/>
<entry key="disableOutdatedUsers" value="true"/>
<entry key="disableNotYetActiveUsers" value="true"/>
<entry key="excludeTechnicalUsers" value="true"/>
<entry key="restrictToClients" value="9f30aa08-4c53-458c-b144-90c16dc5ed6e"/>
</map>
</constructor-arg>
</bean>
</property>
</bean>
<bean class="org.springframework.scheduling.quartz.CronTriggerFactoryBean" id="IDM_Prune_History_Job_Trigger">
<property name="name" value="IDM_Prune_History_Job_Trigger"/>
<property name="description" value="Generated by nevisAdmin 4 pattern 0957497767812057fbf138cf"/>
<property name="group" value="BatchGroup"/>
<property name="jobDetail" ref="IDM_Prune_History_Job"/>
<property name="cronExpression" value="0 0 0 * * ?"/>
</bean>
<bean class="org.springframework.scheduling.quartz.CronTriggerFactoryBean" id="pruneShadowAccountsJobTrigger">
<property name="description" value="Archive and delete obsolete shadow accounts"/>
<property name="jobDetail" ref="pruneShadowAccountsJob"/>
<property name="cronExpression" value="30 0 0 * * ?"/>
</bean>
</beans>


@ -0,0 +1,8 @@
JAVA_OPTS=(
"-XX:+UseContainerSupport"
"-XX:MaxRAMPercentage=80.0"
"-javaagent:/opt/agent/opentelemetry-javaagent.jar"
"-Dotel.javaagent.logging=application"
"-Dotel.javaagent.configuration-file=/var/opt/nevisidm/default/conf/otel.properties"
"-Dotel.resource.attributes=service.version=8.2405.2,service.instance.id=$HOSTNAME"
)


@ -0,0 +1,36 @@
Configuration:
monitorInterval: 60
Appenders:
Console:
- name: "APPLICATION"
target: "SYSTEM_OUT"
PatternLayout:
pattern: "[application.log] %d{ISO8601} %-15.15t %mdc{trace_id} %mdc{span_id} %-40.40c %-5.5p %m%n"
RegexFilter:
regex: ".*GET /liveness.*"
onMatch: "DENY"
onMismatch: "ACCEPT"
- name: "BATCHJOB"
target: "SYSTEM_OUT"
PatternLayout:
pattern: "[batch.log] %d{ISO8601} %-15.15t %mdc{trace_id} %mdc{span_id} %-40.40c %-5.5p %m%n"
RegexFilter:
regex: ".*GET /liveness.*"
onMatch: "DENY"
onMismatch: "ACCEPT"
Loggers:
Logger:
- name: "ch.nevis.idm.batch.jobs"
level: "INFO"
additivity: "false"
AppenderRef:
- ref: "BATCHJOB"
- name: "ch.nevis.idm.standalone"
level: "INFO"
- name: "ch.adnovum.nevisidm.service.dbperformance"
level: "INFO"
Root:
level: "WARN"
additivity: "false"
AppenderRef:
- ref: "APPLICATION"


@ -0,0 +1,118 @@
# source: pattern://641ac4edf0c17383d3c0ea38
web.gui.languages.default=de
# source: pattern://0d4bbba28a4a76094d41df81
database.connection.url=jdbc:mariadb://mariadb-agov-uat.mariadb.database.azure.com:3306/nevisidm_uat?pinGlobalTxToPhysicalConnection=1&useMysqlMetadata=true&cachePrepStmts=true&prepStmtCacheSize=1000&useSSL=true&trustStore=/var/opt/keys/trust/idm-db-tls-truststore/truststore.jks
# source: pattern://0d4bbba28a4a76094d41df81
database.connection.username=adndbadmin
# source: pattern://0d4bbba28a4a76094d41df81
database.connection.password=secret://a2068eb83a60702322c13949-27ed70d3
# source: pattern://641ac4edf0c17383d3c0ea38
application.mail.smtp.host=greenmail.adn-agov-mail-01-dev.svc
# source: pattern://641ac4edf0c17383d3c0ea38
application.mail.smtp.port=3025
# source: pattern://641ac4edf0c17383d3c0ea38
application.mail.sender=noreply-agov-dev@adnovum.ch
# source: pattern://0116b3002d0e713e23e6be72
application.feature.email.validation.enabled=false
# source: pattern://0116b3002d0e713e23e6be72
application.feature.enterpriserole.enabled=true
# source: pattern://0116b3002d0e713e23e6be72, pattern://641ac4edf0c17383d3c0ea38
application.feature.multiclientmode.enabled=true
# source: pattern://0116b3002d0e713e23e6be72
application.generators.extid.application=uuid
# source: pattern://0116b3002d0e713e23e6be72
application.generators.extid.authorization=uuid
# source: pattern://0116b3002d0e713e23e6be72
application.generators.extid.client=uuid
# source: pattern://0116b3002d0e713e23e6be72
application.generators.extid.credential=uuid
# source: pattern://0116b3002d0e713e23e6be72
application.generators.extid.enterpriserole=uuid
# source: pattern://0116b3002d0e713e23e6be72
application.generators.extid.policyconfig=uuid
# source: pattern://0116b3002d0e713e23e6be72
application.generators.extid.profile=uuid
# source: pattern://0116b3002d0e713e23e6be72
application.generators.extid.role=uuid
# source: pattern://0116b3002d0e713e23e6be72
application.generators.extid.template=uuid
# source: pattern://0116b3002d0e713e23e6be72
application.generators.extid.unit=uuid
# source: pattern://0116b3002d0e713e23e6be72
application.generators.extid.user=uuid
# source: pattern://0116b3002d0e713e23e6be72, pattern://641ac4edf0c17383d3c0ea38
application.modules.auditing.autostartup.enabled=true
# source: pattern://0116b3002d0e713e23e6be72, pattern://641ac4edf0c17383d3c0ea38
application.modules.auditing.enabled=true
# source: pattern://0116b3002d0e713e23e6be72, pattern://641ac4edf0c17383d3c0ea38
application.modules.auditing.repeat.count=-1
# source: pattern://0116b3002d0e713e23e6be72, pattern://641ac4edf0c17383d3c0ea38
application.modules.event.autostartup.enabled=true
# source: pattern://0116b3002d0e713e23e6be72
application.modules.event.repeat.count=-1
# source: pattern://0116b3002d0e713e23e6be72
application.modules.provisioning.enabled=false
# source: pattern://0116b3002d0e713e23e6be72
database.connection.pool.size.max=5
# source: pattern://0116b3002d0e713e23e6be72
database.connection.pool.size.min=5
# source: pattern://0116b3002d0e713e23e6be72
database.connection.xa.enabled=false
# source: pattern://0116b3002d0e713e23e6be72
database.transaction.timeout=60
# source: pattern://641ac4edf0c17383d3c0ea38
management.server.host=0.0.0.0
# source: pattern://641ac4edf0c17383d3c0ea38
management.server.port=8998
# source: pattern://641ac4edf0c17383d3c0ea38
application.modules.batch.context=/var/opt/nevisidm/default/conf/batch.xml
# source: pattern://641ac4edf0c17383d3c0ea38
application.config.file.idmrole.authorization=/var/opt/nevisidm/default/conf/authorizationConfig.properties
# source: pattern://641ac4edf0c17383d3c0ea38
application.config.file.idmrole.mapping=/var/opt/nevisidm/default/conf/rolesMapping.properties
# source: pattern://641ac4edf0c17383d3c0ea38
application.config.file.idmrole.assignment=/var/opt/nevisidm/default/conf/rolesAssignment.properties
# source: pattern://641ac4edf0c17383d3c0ea38
application.config.file.attributeaccess=/opt/nevisidm/template/conf/attrAccess.properties
# source: pattern://641ac4edf0c17383d3c0ea38
application.config.file.tldlist=/opt/nevisidm/template/conf/tlds-alpha-by-domain.txt
# source: pattern://641ac4edf0c17383d3c0ea38
messaging.server.port=61616
# source: pattern://641ac4edf0c17383d3c0ea38
application.modules.printing.dir.target=/var/opt/nevisidm/default/generated_PDFs
# source: pattern://641ac4edf0c17383d3c0ea38
application.modules.auditing.provider=jsonAuditProvider
# source: pattern://641ac4edf0c17383d3c0ea38
application.modules.auditing.console=true
# source: pattern://641ac4edf0c17383d3c0ea38
server.name=default
# source: pattern://641ac4edf0c17383d3c0ea38
server.port=8989
# source: pattern://641ac4edf0c17383d3c0ea38
server.host=0.0.0.0
# source: pattern://641ac4edf0c17383d3c0ea38
server.tls.enabled=true
# source: pattern://641ac4edf0c17383d3c0ea38
server.tls.client-auth=requested
# source: pattern://641ac4edf0c17383d3c0ea38
server.tls.keystore=/var/opt/keys/own/idm-job-v1-default-identity/keystore.p12
# source: pattern://641ac4edf0c17383d3c0ea38
server.tls.keystore-passphrase=${exec:/var/opt/keys/own/idm-job-v1-default-identity/keypass}
# source: pattern://641ac4edf0c17383d3c0ea38
server.tls.truststore=/var/opt/keys/trust/idm-job-v1-default-tls-client-trust/truststore.p12
# source: pattern://641ac4edf0c17383d3c0ea38
server.tls.truststore-passphrase=${exec:/var/opt/keys/trust/idm-job-v1-default-tls-client-trust/keypass}
# source: pattern://641ac4edf0c17383d3c0ea38
server.auth.ninja.truststore=/var/opt/keys/trust/idm-job-v1-default-signer-trust/truststore.jks
# source: pattern://641ac4edf0c17383d3c0ea38
management.healthchecks.enabled=true
# source: pattern://641ac4edf0c17383d3c0ea38
security.properties.key=secret://c418560f50e0332d087e85bf-89ec31e5
# source: pattern://641ac4edf0c17383d3c0ea38
security.properties.fallback.enabled=false
# source: pattern://641ac4edf0c17383d3c0ea38
security.properties.algorithm=AES
# source: pattern://641ac4edf0c17383d3c0ea38
security.properties.cipher=AES/CBC/PKCS5Padding
# source: pattern://641ac4edf0c17383d3c0ea38
security.properties.paddinglength=10
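Review bot: `server.tls.client-auth=requested` together with `server.host=0.0.0.0` lets a TLS client connect to port 8989 without presenting a certificate, and the `idm-job-v1-default-tls-client-trust` and `idm-job-v1-default-signer-trust` stores defined earlier on this page are both empty (`keystores: []`). The nevisAuth server file on this page uses `client-auth: "required"`; unless this instance is meant to accept no callers at all, `server.tls.client-auth=required` with a populated trust store would match it, and if it is meant to be closed, a comment should say so. `database.connection.username=adndbadmin` reads like an administrative database account; a dedicated account limited to the nevisIDM schema would be the least-privilege choice, if the name means what it suggests. The mail settings point at `greenmail.adn-agov-mail-01-dev.svc` and `noreply-agov-dev@adnovum.ch` while every namespace on this page ends in `-uat`, which looks like a leftover from the dev inventory. `security.properties.cipher=AES/CBC/PKCS5Padding` is an unauthenticated mode; whether nevisIDM supports an AEAD alternative for this setting is not visible from this file.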


@ -0,0 +1,4 @@
otel.service.name = idm-job
otel.traces.exporter = none
otel.metrics.exporter = none
otel.logs.exporter = none


@ -0,0 +1,34 @@
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.TemplateAdmin=nevisIdm.Root,nevisIdm.EnterpriseRoleAdmin
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.UserAdmin=nevisIdm.Root,nevisIdm.EnterpriseRoleAdmin
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.Root=nevisIdm.Root
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.AppOwner=nevisIdm.Root,nevisIdm.EnterpriseRoleAdmin
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.AppAdmin=nevisIdm.Root,nevisIdm.EnterpriseRoleAdmin
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.SoapTechAccessReadOnly=nevisIdm.Root
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.TechUser=nevisIdm.Root
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.ClientRoot=nevisIdm.Root,nevisIdm.ClientRoot
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.Impersonator=nevisIdm.Root
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.EnterpriseRoleAdmin=nevisIdm.Root,nevisIdm.EnterpriseRoleAdmin
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.Helpdesk=nevisIdm.Root,nevisIdm.EnterpriseRoleAdmin
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.BatchJobAdmin=
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.MainAppOwner=nevisIdm.Root
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.UserAndUnitAdmin=nevisIdm.Root,nevisIdm.EnterpriseRoleAdmin
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.SelfAdmin=nevisIdm.Root
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.SoapTechAccess=nevisIdm.Root
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.EnterpriseRoleOwner=nevisIdm.Root


@ -0,0 +1,34 @@
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.TemplateAdmin=AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CollectionView,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.GenerateReport,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertyAttributeAccessOverride,AccessControl.PropertySearch,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.SearchResultsExport,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.HistoryView
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.UserAdmin=AccessControl.ApplicationView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState.14,AccessControl.CredentialCreate.14,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileCreate,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserCreate,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.CollectionView,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.Root=AccessControl.ApplicationCreate,AccessControl.ApplicationDelete,AccessControl.ApplicationModify,AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationCreate,AccessControl.AuthorizationDelete,AccessControl.AuthorizationModify,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplCreate,AccessControl.AuthorizationApplDelete,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientCreate,AccessControl.AuthorizationClientDelete,AccessControl.AuthorizationClientSearch,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitCreate,AccessControl.AuthorizationUnitDelete,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.BatchJobExecute,AccessControl.BatchJobView,AccessControl.ClientCreate,AccessControl.ClientDelete,AccessControl.ClientModify,AccessControl.ClientApplAssign,AccessControl.ClientApplDelete,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialDelete,AccessControl.CredentialModify,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.PersistentQueueRetry,AccessControl.PersistentQueueDelete,AccessControl.PersistentQueueView,AccessControl.PolicyConfigurationCreate,AccessControl.PolicyConfigurationDelete,AccessControl.PolicyConfigurationModify,AccessControl.PolicyConfigurationSearch,AccessControl.PolicyConfigurationView,AccessControl.ProfileArchive,AccessControl.ProfileCreate,AccessControl.ProfileDelete,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueCreate,AccessControl.PropertyAllowedValueDelete,AccessControl.PropertyAllowedValueModify,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.P
ropertyCreate,AccessControl.PropertyDelete,AccessControl.PropertyModify,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleCreate,AccessControl.RoleDelete,AccessControl.RoleModify,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.SelfAdmin,AccessControl.UnitCreate,AccessControl.UnitCreateTopUnit,AccessControl.UnitDelete,AccessControl.UnitModify,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserArchive,AccessControl.UserCreate,AccessControl.UserDelete,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.HistoryView,AccessControl.LoginIdOverride,AccessControl.TemplateStore,AccessControl.CollectionView,AccessControl.CollectionCreate,AccessControl.CollectionModify,AccessControl.CollectionDelete,AccessControl.TemplateView,AccessControl.TemplateCreate,AccessControl.TemplateModify,AccessControl.TemplateDelete,AccessControl.TemplateTextView,AccessControl.TemplateTextCreate,AccessControl.TemplateTextModify,AccessControl.TemplateTextDelete,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.CredentialViewPlainValue,AccessControl.DeputyCreate,AccessControl.DeputyDelete,AccessControl.UnitCredPolicyView,AccessControl.UnitCredPolicyCreate,AccessControl.UnitCredPolicyDelete,AccessControl.UserCreateTechUser,AccessControl.UserModifyTechUser,AccessControl.UserDeleteTechUser,AccessControl.UserArchiveTechUser,AccessControl.CredentialPdfView,AccessControl.EnterpriseAuthorizationCreate,AccessControl.EnterpriseAuthorizationDelete,AccessControl.EnterpriseAuthorizationModify,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.AuthorizationEnterpriseRoleCreate,AccessControl.AuthorizationEnterpriseRoleDelete,AccessControl.Autho
rizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.EnterpriseRoleCreate,AccessControl.EnterpriseRoleModify,AccessControl.EnterpriseRoleDelete,AccessControl.EnterpriseRoleSearch,AccessControl.EnterpriseRoleView,AccessControl.EnterpriseRoleMemberCreate,AccessControl.EnterpriseRoleMemberDelete,AccessControl.EnterpriseRoleMemberSearch,AccessControl.PersonalQuestionSearch,AccessControl.PersonalQuestionView,AccessControl.PersonalQuestionCreate,AccessControl.PersonalQuestionModify,AccessControl.PersonalQuestionDelete,AccessControl.LoginIdModify,AccessControl.TermsView,AccessControl.TermsCreate,AccessControl.TermsModify,AccessControl.TermsDelete,AccessControl.ConsentCreate,AccessControl.ConsentView
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.AppOwner=AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationCreate,AccessControl.AuthorizationDelete,AccessControl.AuthorizationModify,AccessControl.AuthorizationSearch,AccessControl.AuthorizationView,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserSearch,AccessControl.UserView,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.AppAdmin=AccessControl.ApplicationCreate,AccessControl.ApplicationModify,AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.BatchJobExecute,AccessControl.BatchJobView,AccessControl.ClientCreate,AccessControl.ClientModify,AccessControl.ClientApplAssign,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.EntityAttributeAccessOverride,AccessControl.PersistentQueueRetry,AccessControl.PersistentQueueDelete,AccessControl.PersistentQueueView,AccessControl.PolicyConfigurationCreate,AccessControl.PolicyConfigurationModify,AccessControl.PolicyConfigurationSearch,AccessControl.PolicyConfigurationView,AccessControl.PropertyAllowedValueCreate,AccessControl.PropertyAllowedValueDelete,AccessControl.PropertyAllowedValueModify,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertyCreate,AccessControl.PropertyDelete,AccessControl.PropertyModify,AccessControl.PropertySearch,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleCreate,AccessControl.RoleDelete,AccessControl.RoleModify,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitCreate,AccessControl.UnitCreateTopUnit,AccessControl.UnitDelete,AccessControl.UnitModify,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.PropertyAttributeAccessOverride,AccessControl.HistoryView,AccessControl.TemplateStore,AccessControl.CollectionView,AccessControl.CollectionCreate,AccessControl.CollectionModify,AccessControl.CollectionDelete,AccessControl.TemplateView,AccessControl.TemplateCreate,AccessControl.TemplateModify,AccessControl.TemplateDelete,AccessControl.TemplateTextView,AccessControl.TemplateTextCreate,AccessControl.TemplateTextModify,AccessControl.TemplateTextDelete,AccessControl.UnitCredPolicyView,AccessControl.UnitCredPolicyCreate,AccessControl.UnitCredPolicyDelete
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.SoapTechAccessReadOnly=AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.SelfAdmin,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserSearch,AccessControl.UserView,AccessControl.TemplateStore,AccessControl.CollectionView,AccessControl.TemplateView,AccessControl.TemplateTextView,AccessControl.PersistentQueueView,AccessControl.PolicyConfigurationSearch,AccessControl.PolicyConfigurationView,AccessControl.AuthorizationClientSearch,AccessControl.AuthorizationClientView,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.EnterpriseRoleSearch,AccessControl.EnterpriseRoleView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.HistoryView,AccessControl.PersonalQuestionSearch,AccessControl.PersonalQuestionView
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.TechUser=
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.ClientRoot=AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationDelete,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplDelete,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientDelete,AccessControl.AuthorizationClientSearch,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitDelete,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialDelete,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileArchive,AccessControl.ProfileDelete,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueDelete,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserArchive,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.HistoryView,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.HistoryView
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.Impersonator=
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.EnterpriseRoleAdmin=AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationClientCreate,AccessControl.AuthorizationClientDelete,AccessControl.AuthorizationClientSearch,AccessControl.AuthorizationClientView,AccessControl.AuthorizationCreate,AccessControl.AuthorizationDelete,AccessControl.AuthorizationModify,AccessControl.AuthorizationSearch,AccessControl.AuthorizationUnitCreate,AccessControl.AuthorizationUnitDelete,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationApplCreate,AccessControl.AuthorizationApplDelete,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationView,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitCredPolicyView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserSearch,AccessControl.UserView,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.Helpdesk=AccessControl.UserSearch,AccessControl.UserView,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationView,AccessControl.AuthorizationApplView,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.PropertySearch,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyValueSearch,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.SearchResultsExport,AccessControl.ClientApplView,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.HistoryView
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.BatchJobAdmin=
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.MainAppOwner=AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.UnitSearch,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationApplCreate,AccessControl.AuthorizationApplDelete,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationCreate,AccessControl.AuthorizationDelete,AccessControl.AuthorizationModify,AccessControl.AuthorizationSearch,AccessControl.AuthorizationView,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.UserSearch,AccessControl.UserView,AccessControl.RoleView,AccessControl.AuthorizationUnitCreate,AccessControl.AuthorizationUnitDelete,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.CollectionView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.SearchResultsExport,AccessControl.AuthorizationClientCreate,AccessControl.AuthorizationClientDelete,AccessControl.AuthorizationClientSearch,AccessControl.AuthorizationClientView,AccessControl.ClientApplView,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.EnterpriseRoleSearch,AccessControl.PersonalQuestionSearch,AccessControl.PersonalQuestionView,AccessControl.TermsView,AccessControl.TermsCreate,AccessControl.TermsModify,AccessControl.TermsDelete
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.UserAndUnitAdmin=AccessControl.ApplicationView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationClientView,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.EntityAttributeAccessOverride,AccessControl.ProfileCreate,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyValueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.UnitCreate,AccessControl.UnitDelete,AccessControl.UnitModify,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserCreate,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.PropertyAttributeAccessOverride,AccessControl.CollectionView,AccessControl.GenerateReport,AccessControl.SearchResultsExport,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseRoleView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.SelfAdmin=AccessControl.SelfAdmin,AccessControl.LoginIdModify
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.SoapTechAccess=AccessControl.ApplicationCreate,AccessControl.ApplicationDelete,AccessControl.ApplicationModify,AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.AuthorizationCreate,AccessControl.AuthorizationDelete,AccessControl.AuthorizationModify,AccessControl.AuthorizationSearch,AccessControl.AuthorizationApplCreate,AccessControl.AuthorizationApplDelete,AccessControl.AuthorizationApplSearch,AccessControl.AuthorizationApplView,AccessControl.AuthorizationUnitCreate,AccessControl.AuthorizationUnitDelete,AccessControl.AuthorizationUnitSearch,AccessControl.AuthorizationUnitView,AccessControl.AuthorizationView,AccessControl.BatchJobExecute,AccessControl.BatchJobView,AccessControl.ClientCreate,AccessControl.ClientDelete,AccessControl.ClientModify,AccessControl.ClientApplAssign,AccessControl.ClientApplDelete,AccessControl.ClientApplView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.CredentialChangeState,AccessControl.CredentialCreate,AccessControl.CredentialDelete,AccessControl.CredentialModify,AccessControl.CredentialSearch,AccessControl.CredentialView,AccessControl.PersistentQueueRetry,AccessControl.PersistentQueueDelete,AccessControl.PersistentQueueView,AccessControl.PolicyConfigurationCreate,AccessControl.PolicyConfigurationDelete,AccessControl.PolicyConfigurationModify,AccessControl.PolicyConfigurationSearch,AccessControl.PolicyConfigurationView,AccessControl.ProfileArchive,AccessControl.ProfileCreate,AccessControl.ProfileDelete,AccessControl.ProfileModify,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.PropertyAllowedValueCreate,AccessControl.PropertyAllowedValueDelete,AccessControl.PropertyAllowedValueModify,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertyCreate,AccessControl.PropertyDelete,AccessControl.PropertyModify,AccessControl.PropertySearch,AccessControl.PropertyValueCreate,AccessControl.PropertyValueDelete,AccessControl.PropertyV
alueModify,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.PropertyView,AccessControl.RoleCreate,AccessControl.RoleDelete,AccessControl.RoleModify,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.SelfAdmin,AccessControl.UnitCreate,AccessControl.UnitCreateTopUnit,AccessControl.UnitDelete,AccessControl.UnitModify,AccessControl.UnitSearch,AccessControl.UnitView,AccessControl.UserArchive,AccessControl.UserCreate,AccessControl.UserDelete,AccessControl.UserModify,AccessControl.UserSearch,AccessControl.UserView,AccessControl.TemplateStore,AccessControl.CollectionView,AccessControl.CollectionCreate,AccessControl.CollectionModify,AccessControl.CollectionDelete,AccessControl.TemplateView,AccessControl.TemplateCreate,AccessControl.TemplateModify,AccessControl.TemplateDelete,AccessControl.TemplateTextView,AccessControl.TemplateTextCreate,AccessControl.TemplateTextModify,AccessControl.TemplateTextDelete,AccessControl.AuthorizationClientCreate,AccessControl.AuthorizationClientDelete,AccessControl.AuthorizationClientSearch,AccessControl.AuthorizationClientView,AccessControl.CredentialViewPlainValue,AccessControl.UnitCredPolicyView,AccessControl.UnitCredPolicyCreate,AccessControl.UnitCredPolicyDelete,AccessControl.EnterpriseAuthorizationCreate,AccessControl.EnterpriseAuthorizationDelete,AccessControl.EnterpriseAuthorizationModify,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.AuthorizationEnterpriseRoleCreate,AccessControl.AuthorizationEnterpriseRoleDelete,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.EnterpriseRoleCreate,AccessControl.EnterpriseRoleModify,AccessControl.EnterpriseRoleDelete,AccessControl.EnterpriseRoleSearch,AccessControl.EnterpriseRoleView,AccessControl.EnterpriseRoleMemberCreate,AccessControl.EnterpriseRoleMemberDelete,AccessControl.EnterpriseRoleMemberSearch,AccessControl.HistoryView,AccessControl.Persona
lQuestionSearch,AccessControl.PersonalQuestionView,AccessControl.PersonalQuestionCreate,AccessControl.PersonalQuestionModify,AccessControl.PersonalQuestionDelete,AccessControl.LoginIdModify,AccessControl.ConsentCreate,AccessControl.ConsentView
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.EnterpriseRoleOwner=AccessControl.EnterpriseRoleSearch,AccessControl.EnterpriseRoleView,AccessControl.EnterpriseRoleMemberSearch,AccessControl.EnterpriseAuthorizationCreate,AccessControl.EnterpriseAuthorizationDelete,AccessControl.EnterpriseAuthorizationModify,AccessControl.EnterpriseAuthorizationSearch,AccessControl.EnterpriseAuthorizationView,AccessControl.AuthorizationEnterpriseRoleSearch,AccessControl.AuthorizationEnterpriseRoleView,AccessControl.AuthorizationSearch,AccessControl.AuthorizationView,AccessControl.ClientSearch,AccessControl.ClientView,AccessControl.UserSearch,AccessControl.UserView,AccessControl.ProfileSearch,AccessControl.ProfileView,AccessControl.UnitSearch,AccessControl.ApplicationSearch,AccessControl.ApplicationView,AccessControl.RoleSearch,AccessControl.RoleView,AccessControl.CollectionView,AccessControl.PropertySearch,AccessControl.PropertyView,AccessControl.PropertyAllowedValueSearch,AccessControl.PropertyAllowedValueView,AccessControl.PropertyValueSearch,AccessControl.PropertyValueView,AccessControl.SearchResultsExport,AccessControl.PersonalQuestionSearch,AccessControl.PersonalQuestionView
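Review bot: `nevisIdm.SoapTechAccess` carries `AccessControl.CredentialViewPlainValue` alongside the full create/modify/delete set for users, credentials, policies and authorizations, so a technical account holding it appears to have nearly the same write surface as `nevisIdm.Root`. If the SOAP integrations in this environment only read data, they should be bound to `nevisIdm.SoapTechAccessReadOnly` (defined in the same file), and the plain-value permission should be dropped from the read/write role unless a caller is known to need it. I would record the decision next to the entry, e.g. `# review: CredentialViewPlainValue on a technical role - confirm which SOAP client requires it`. Separately, the lists are not deduplicated: `nevisIdm.ClientRoot` names `AccessControl.HistoryView` twice, `nevisIdm.EnterpriseRoleAdmin` names `AccessControl.AuthorizationApplSearch` twice and `nevisIdm.MainAppOwner` names `AccessControl.AuthorizationUnitSearch` twice. Those repeats are presumably harmless, but they make later diffs of the permission sets harder to audit, and since each entry is marked as generated from a pattern the cleanup belongs in that pattern.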


@ -0,0 +1,145 @@
#!/bin/bash
#
# NAME
# status.sh - Checks the status of the nevisIDM Service.
#
# SYNOPSIS
# status.sh
#
# DESCRIPTION
# Performs periodic checks until the service is up or broken or timeout is reached.
# The script terminates when the process of the service stops running.
# There are no arguments for this script.
#
# EXIT CODES
# 0 Service is up.
# 1 Service process is not running.
# 2 Service is broken.
# 3 Timeout reached.
# Defines how much we should sleep between checking if the service is up.
interval=1
# Defines how much we should wait the service to start up until we give up and exit.
timeout=180
((end_time=${SECONDS}+$timeout))
# Checks if the process of the service is still running.
# Arguments:
# None
# Returns:
# In case it is running, returns 0, otherwise non-zero (exit code of systemctl).
isProcessRunning() {
systemctl is-active --quiet nevisidm@default
IS_RUNNING=$?
return $IS_RUNNING
}
# Checks if the readiness (/health) management endpoint can be used for checking status.
# (nevisIDM introduced the readiness (/health) management endpoint in 2.73.1.15 version.)
# Arguments:
# None
# Returns:
# If the nevisIDM version is at least 2.73.1.15, returns 0.
# Otherwise returns 1.
canHealthCheckUsed() {
minimal=2.73.1.15
installed=`readlink -f /opt/nevisidm/bin | awk -F'/' '{print $4}' | sed 's/rc.*//'`
if [ "$installed" = "`echo -e "$installed\n$minimal" | sort -V | tail -n1`" ]; then
return 0
else
return 1
fi
}
# Checks if the service is up.
# Based on nevisIDM version uses different nevisIDM endpoints.
# Arguments:
# None
# Returns:
# The result of ServiceCheck function.
checkService() {
if canHealthCheckUsed; then
doServiceCheckHealth
return $?
else
doServiceCheckOld
return $?
fi
}
# Checks if the service is up. (Attempts connecting the service with curl.)
# In case the service is broken, exits with exit code 2.
# Arguments:
# None
# Returns:
# If the connection was successful and the service up (is not broken), returns 0.
# If the connection was not successful, returns the curl exit code.
doServiceCheckOld() {
HC=`curl --insecure --silent --output /dev/null --write-out "%{http_code}" https://idm-job-v1:8989/nevisidm/admin/`
CON=$?
if [ "$CON" -ne 0 ]; then
EXIT_CODE=$CON
elif [ $HC -ge 500 ]; then
echo "Service is broken (HTTP code $HC)."
exit 2
else
EXIT_CODE=0
fi
return $EXIT_CODE
}
# Checks if the service is up. (Attempts connecting the service with curl.)
# Note: With the health check endpoint there is no way fail early when the endpoint returns HTTP 503, because it can come up
# later and then return HTTP 200.
# Arguments:
# None
# Returns:
# If the connection was successful and the service up (is not broken), returns 0.
# If the connection was not successful, returns 1.
doServiceCheckHealth() {
HC=`curl --silent --output /dev/null --write-out "%{http_code}" http://0.0.0.0:8998/health`
CON=$?
if [ $HC -eq 200 ]; then
EXIT_CODE=0
else
EXIT_CODE=1
fi
return $EXIT_CODE
}
# This function encapsulates the logic of checking if the process is running and if the service is up.
# In case the process is not running, exits with exit code 1.
# Arguments:
# None
# Returns:
# If the service process is running, returns the result of the service check function.
check() {
if isProcessRunning
then
checkService
CS=$?
return $CS
else
echo "Process is not running."
exit 1
fi
}
# Check the status of the service periodically.
while ((${SECONDS} < ${end_time}))
do
sleep ${interval}
if check
then
echo "Service is up."
exit 0
fi
done
echo "Exceeded check timeout (${timeout}s). Service is down."
exit 3
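Review bot: `doServiceCheckOld` runs curl with `--insecure`, so the probe to `https://idm-job-v1:8989/nevisidm/admin/` accepts any certificate and a "Service is up" result says nothing about which endpoint actually answered. Verify against the deployment's CA instead, for example `curl --cacert <path-to-ca-bundle.pem> --silent --output /dev/null --write-out "%{http_code}" https://idm-job-v1:8989/nevisidm/admin/` (placeholder path; no PEM bundle is shown on this page). In `doServiceCheckHealth` the captured `CON=$?` is never read and `$HC` is unquoted, so `[ "$HC" -eq 200 ]` is the safer form if curl ever prints nothing. The health URL would also be clearer as `http://127.0.0.1:8998/health` than `http://0.0.0.0:8998/health`, since `0.0.0.0` is a bind address rather than a destination.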


@ -0,0 +1,20 @@
apiVersion: "operator.nevis-security.ch/v1"
kind: "NevisKeyStore"
metadata:
name: "idm-v1-default-identity"
namespace: "adn-agov-nevisidm-admin-01-uat"
labels:
deploymentTarget: "idm-v1"
annotations:
projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
patternId: "ba7c7a3b091df0c4b8ba0bb2"
spec:
cn: "idm-v1"
usage: "<reserved for future use>"
san:
dns:
- "idm-v1"
- "idm-v1.adn-agov-nevisidm-admin-01-uat"
- "idm-v1-web"
- "idm-v1-web.adn-agov-nevisidm-admin-01-uat"
email: []


@ -0,0 +1,12 @@
apiVersion: "operator.nevis-security.ch/v1"
kind: "NevisTrustStore"
metadata:
name: "idm-v1-default-tls-client-trust"
namespace: "adn-agov-nevisidm-admin-01-uat"
labels:
deploymentTarget: "idm-v1"
annotations:
projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
patternId: "ba7c7a3b091df0c4b8ba0bb2"
spec:
keystores: []
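Review bot: `keystores: []` leaves the idm-v1 TLS client trust store empty, whereas the auth-v1 trust store with the same naming pattern earlier in this commit lists the proxy identities it accepts. The manifest does not show whether idm-v1 then rejects every client certificate or never requests one; in the second case the SOAP port would be reachable inside the namespace without mutual TLS. A comment stating the intent, such as `# empty on purpose: <reason>`, or the identity keystores of the components that call idm-v1, would settle it.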


@ -0,0 +1,16 @@
apiVersion: "operator.nevis-security.ch/v1"
kind: "NevisTrustStore"
metadata:
name: "idm-v1-nevisidm-sectoken-truststore"
namespace: "adn-agov-nevisidm-admin-01-uat"
labels:
deploymentTarget: "idm-v1"
annotations:
projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
patternId: "ba7c7a3b091df0c4b8ba0bb2"
spec:
keystores:
- name: "auth-sh4r3d-nevisidm-sectoken-signer"
namespace: "adn-agov-nevisidm-admin-01-uat"
extraCerts:
- "-----BEGIN CERTIFICATE-----\nMIIC0TCCAnigAwIBAgIQZvy+UXQEyt5CZ4HHs8QE4DAKBggqhkjOPQQDAjAYMRYw\nFAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI0MDUxOTIyMjgzOFoXDTI1MDUxOTIy\nMjgzOFowXjELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT\nMQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzEXMBUGA1UEAwwOTkVWSVNfU2Vj\nVG9rZW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBiK7GDqcPYMtt\nhWhmx/HkSzatni8aLjyTOaVV2yfmJaiWCGTKs1MdQmKOGKMwXp3w2abThn0ce7Sl\nGipV8xGeLq1Wjr9UnpSjV2WarS6BXDET7dJ858yYISJwu8bk/rXdvft7NSIbjl2M\n4auf5AyVFFZ1vKLPX9drJmrQCnGZXqGm7BMLAjgh1b+utopfrwqcwWyg5JltTsTd\nN4ytHciAWOgILO9Tut/VHmQLZA7P4rDSRMzKA8OXg1DSImYXlZlUQqSiNjpJuwmz\njhgt+4pwys+xLfkaOic5RzMtv3YDXKgiWRH/m8JKdfLbkNsl3bNkB/2Q1Hb/LBPQ\n/OLxW+QNAgMBAAGjgZIwgY8wDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsG\nAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFM9gPNKd\nzvDU2SS6FLCxzVDyYJwVMC8GA1UdEQQoMCaCDk5FVklTX1NlY1Rva2VugRRub3Jl\ncGx5QGxvY2FsLmRvbWFpbjAKBggqhkjOPQQDAgNHADBEAiAOOc9cD1IjF5MEc2DK\n4D6oQXWVtAiJLVp1zYq11V2e5QIgQ1CyWHKk+HqZJccyGPfnoB19s0X5RvNwUpJ9\nyVhnGXQ=\n-----END CERTIFICATE-----\n"
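Review bot: The `extraCerts` entry pins a single certificate inline, with nothing recording where it comes from or who rotates it. Decoding the PEM suggests subject CN `NEVIS_SecToken`, issuer `selfsigned-ca` and a validity window ending 2025-05-19, about six months after this commit. Once that date passes, tokens from this signer would presumably stop validating, or keep validating if expiry is not enforced, and either outcome should be a deliberate choice. A comment above the entry such as `# NEVIS_SecToken signer from <source system>, expires 2025-05-19, owner <team>` together with an expiry alert would make the rotation visible.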


@ -0,0 +1,64 @@
apiVersion: "operator.nevis-security.ch/v1"
kind: "NevisComponent"
metadata:
name: "idm-v1"
namespace: "adn-agov-nevisidm-admin-01-uat"
labels:
deploymentTarget: "idm-v1"
annotations:
projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
patternId: "ba7c7a3b091df0c4b8ba0bb2"
spec:
type: "NevisIDM"
replicas: 1
version: "8.2405.2"
gitInitVersion: "1.3.0"
runAsNonRoot: true
ports:
management: 8998
soap: 8989
resources:
limits:
cpu: "1000m"
memory: "2200Mi"
requests:
cpu: "10m"
memory: "500Mi"
livenessProbe:
management:
httpGet:
path: "/liveness"
periodSeconds: 30
timeoutSeconds: 6
readinessProbe:
management:
httpGet:
path: "/health"
periodSeconds: 30
timeoutSeconds: 6
startupProbe:
management:
httpGet:
path: "/health"
periodSeconds: 30
timeoutSeconds: 6
failureThreshold: 10
podDisruptionBudget:
maxUnavailable: "50%"
git:
tag: "r-29c1b415348a6c1b8b32c65f6f40449f8c7765b0"
dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm-v1"
credentials: "git-credentials"
keystores:
- "idm-v1-default-identity"
truststores:
- "idm-v1-nevisidm-sectoken-truststore"
- "idm-v1-default-tls-client-trust"
podSecurity:
policy: "baseline"
automountServiceAccountToken: false
timeZone: "Europe/Zurich"
secrets:
secret:
- "a2068eb83a60702322c13949-27ed70d3"
- "c418560f50e0332d087e85bf-89ec31e5"
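Review bot: `podSecurity.policy` is `"baseline"` for the component that serves the identity store. If the operator maps this to the Kubernetes Pod Security Standards level, baseline still allows privilege escalation and does not require dropped capabilities or a seccomp profile. `runAsNonRoot: true` and `automountServiceAccountToken: false` already narrow the pod, so if the operator version in use accepts it, `policy: "restricted"` would be the tighter setting. Otherwise, a comment next to the field should record why baseline is needed.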


@ -0,0 +1,18 @@
schemaVersion: 1.0
instance:
type: "nevisidm"
name: "default"
directory: "/var/opt/nevisidm/default"
pid: "systemctl show nevisidm@default -p MainPID | cut -d '=' -f2"
source:
url: "/nevisadmin/#/projects/DEFAULT-ADN-AGOV-ADMIN-PROJECT/patterns/ba7c7a3b091df0c4b8ba0bb2"
projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
patternId: "ba7c7a3b091df0c4b8ba0bb2"
patternClass: "ch.nevis.admin.v4.plugin.nevisidm.patterns.NevisIDMDeployable"
resources:
ports:
- "0.0.0.0:8989"
control:
start: "systemctl restart nevisidm@default"
stop: "systemctl stop nevisidm@default"
status: "systemctl status nevisidm@default"


@ -0,0 +1,45 @@
-----BEGIN CERTIFICATE-----
MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI
2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx
1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ
q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz
tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ
vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP
BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV
5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY
1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4
NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG
Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91
8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe
pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl
MrY=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----


@ -0,0 +1,34 @@
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.TemplateAdmin=nevisIdm.SelfAdmin
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.UserAdmin=nevisIdm.UserAdmin,nevisIdm.SelfAdmin,nevisIdm.Helpdesk,nevisIdm.TemplateAdmin,nevisIdm.UserAndUnitAdmin,nevisIdm.AppAdmin,nevisIdm.AppOwner
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.Root=nevisIdm.SelfAdmin,nevisIdm.UserAdmin,nevisIdm.UserAndUnitAdmin,nevisIdm.MainAppOwner,nevisIdm.AppOwner,nevisIdm.Helpdesk,nevisIdm.TechUser,nevisIdm.AppAdmin,nevisIdm.SoapTechAccess,nevisIdm.SoapTechAccessReadOnly,nevisIdm.Root,nevisIdm.TemplateAdmin,nevisIdm.ClientRoot,nevisIdm.Impersonator,nevisIdm.EnterpriseRoleAdmin,nevisIdm.EnterpriseRoleOwner
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.AppOwner=nevisIdm.AppOwner,nevisIdm.UserAdmin,nevisIdm.SelfAdmin,nevisIdm.Helpdesk,nevisIdm.TemplateAdmin,nevisIdm.UserAndUnitAdmin,nevisIdm.AppAdmin
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.AppAdmin=nevisIdm.SelfAdmin
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.SoapTechAccessReadOnly=
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.TechUser=
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.ClientRoot=nevisIdm.ClientRoot,nevisIdm.UserAdmin,nevisIdm.SelfAdmin,nevisIdm.Helpdesk,nevisIdm.TemplateAdmin,nevisIdm.UserAndUnitAdmin,nevisIdm.AppAdmin,nevisIdm.AppOwner
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.Impersonator=
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.EnterpriseRoleAdmin=nevisIdm.EnterpriseRoleAdmin,nevisIdm.UserAdmin,nevisIdm.SelfAdmin,nevisIdm.Helpdesk,nevisIdm.TemplateAdmin,nevisIdm.UserAndUnitAdmin,nevisIdm.AppAdmin,nevisIdm.AppOwner
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.Helpdesk=nevisIdm.SelfAdmin
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.BatchJobAdmin=
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.MainAppOwner=
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.UserAndUnitAdmin=nevisIdm.SelfAdmin
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.SelfAdmin=
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.SoapTechAccess=nevisIdm.SelfAdmin,nevisIdm.UserAdmin,nevisIdm.UserAndUnitAdmin,nevisIdm.MainAppOwner,nevisIdm.AppOwner,nevisIdm.Helpdesk,nevisIdm.TechUser,nevisIdm.AppAdmin,nevisIdm.SoapTechAccess,nevisIdm.SoapTechAccessReadOnly,nevisIdm.TemplateAdmin,nevisIdm.EnterpriseRoleOwner
# source: pattern://50d6c91ace65f52fa56d7113
nevisIdm.EnterpriseRoleOwner=
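Review bot: Nothing in this file says what the mapping means, so the privilege relationships cannot be checked from the file alone. If each line reads as "a holder of the left-hand role may assign the right-hand roles", then `nevisIdm.UserAdmin` lists `nevisIdm.AppOwner` while `nevisIdm.AppOwner` lists `nevisIdm.UserAdmin`, and `nevisIdm.SoapTechAccess` lists itself together with `nevisIdm.TechUser` and most administrative roles. A header comment such as `# <role>=<roles a holder of <role> may assign>` would help, once the semantics are confirmed against the product reference. It should be accompanied by a note on whether these lines are the product defaults or project-specific.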


@ -0,0 +1,8 @@
JAVA_OPTS=(
"-XX:+UseContainerSupport"
"-XX:MaxRAMPercentage=80.0"
"-javaagent:/opt/agent/opentelemetry-javaagent.jar"
"-Dotel.javaagent.logging=application"
"-Dotel.javaagent.configuration-file=/var/opt/nevisidm/default/conf/otel.properties"
"-Dotel.resource.attributes=service.version=8.2405.2,service.instance.id=$HOSTNAME"
)


@ -0,0 +1,828 @@
#header > div > div.navbar-header.nav.navbar-nav.mr-auto > span::after {
content: "AGOV Operations - WORK";
color: #AB47BC;
display: inline-block;
margin-left: 5px
}
#mainLayoutTable > tbody > tr:nth-child(3) > td.bgCont > footer > img {
display: none;
}
.navbar-default li>a {
color: #501eb6;
}
/* facing.css */
body {
font-family: "Averta-Regular", 'Helvetica Neue', 'Segoe UI', Helvetica, Arial, sans-serif;
font-size: 12px;
color: #000;
margin-top: 0;
margin-left: 0;
margin-right: 0;
margin-bottom: 0;
background-color: #fff;
}
form, div {
margin: 0;
}
table, img {
border: 0;
}
.frmTable, .tblTable {
border: 0px solid #009999;
width: 100%;
border-spacing: 1px;
}
.border2 {
border: 1px solid #a9a9a9;
}
td.bgNavi {
height: 100%;
}
table.navi {
width: 210px;
border-spacing: 0px;
}
table.bgNavi {
height: 100%;
}
/* - - - - - - - - - - - - - - - - - - NAVI LAYOUT - - - - - - - - - - - - - - - - - - - - - - - */
ul.lev01 {
list-style: none;
font-weight: bold;
font-family: "Averta-Bold", sans-serif;
margin-top: 0.0em;
margin-bottom: 0em;
padding-left: 0.0em;
margin-left: 0px; /*IE needs this */
white-space: nowrap;
}
li.lev01 {
list-style: none;
margin: 0px;
padding-top: 0.3em;
}
li.lev01 p.title {
padding-top: 1em;
padding-bottom: 0.3em;
padding-left: 10px;
margin: 0px;
border-bottom: 1px solid #501eb6;
}
ul.lev02, ul.lev02active {
list-style: none;
font-weight: normal;
margin-top: 0.0em;
margin-bottom: 0em;
padding: 0.0em;
margin-left: 0px; /*IE needs this */
white-space: nowrap;
}
li.lev02 {
list-style: none;
margin: 0px;
padding-top: 0.0em;
}
li.lev02 p.title {
padding-top: 1em;
padding-bottom: 0.3em;
padding-left: 10px;
margin: 0px;
font-weight: bold;
font-family: "Averta-Bold", sans-serif;
color: #333;
border-bottom: 0px solid #a9a9a9;
}
li.lev02 a {
list-style: none;
display: block;
font-size: 12px;
color: #000;
text-decoration: none;
margin: 0px;
padding-top: 0.3em;
padding-bottom: 0.3em;
padding-left: 10px;
height: 1em;
/*diese Angabe ist nur fuer den IE, damit die ganze Linkflaeche klickbar ist */
}
li.lev02 a {
height: auto;
/*hebt fuer nicht-IE Browser die Hoehenangabe 1em wieder auf */
}
li.lev02 a:link, li.lev02 a:visited {
color: #000;
text-decoration: none;
}
li.lev02 a:active, li.lev02 a:hover {
display: block;
color: #501eb6;
background-color: #f8f8f8;
text-decoration: none;
}
li.lev02 a:link, li.lev02 a:visited {
height: auto;
/*hebt fuer nicht-IE Browser die Hoehenangabe 1em wieder auf */
}
li.lev02active {
color: #501eb6;
background-color: #f8f8f8;
}
li.lev02active p.title {
font-weight: bold;
font-family: "Averta-Bold", sans-serif;
border-bottom: 0;
}
li.lev02active a {
list-style: none;
margin: 0px;
padding-top: 0.3em;
padding-bottom: 0.3em;
padding-left: 10px;
height: 1em;
/*diese Angabe ist nur fuer den IE, damit die ganze Linkflaeche klickbar ist */
}
li.lev02active a:link, li.lev02active a:visited {
display: block;
color: #501eb6;
background-color: #f8f8f8;
text-decoration: none;
height: 1em;
/*diese Angabe ist nur fuer den IE, damit die ganze Linkflaeche klickbar ist */
}
li.lev02active a:link, li.lev02active a:visited {
height: auto;
/*hebt fuer nicht-IE Browser die Hoehenangabe 1em wieder auf */
}
li.lev02active a:active, li.lev02active a:hover {
display: block;
color: #501eb6;
background-color: #f8f8f8;
text-decoration: none;
height: 1em;
}
li.lev02active a:active, li.lev02active a:hover {
height: auto;
/*hebt fuer nicht-IE Browser die Hoehenangabe 1em wieder auf */
}
ul.lev03, ul.lev03active {
list-style: none;
font-weight: normal;
margin-top: 0.0em;
margin-bottom: 0em;
padding: 0.0em;
margin-left: 10px; /*IE needs this */
white-space: nowrap;
}
li.lev03 a {
list-style: none;
display: block;
font-size: 12px;
color: #000;
text-decoration: none;
margin: 0px;
padding-top: 0.3em;
padding-bottom: 0.3em;
padding-left: 20px;
height: 1em;
/*diese Angabe ist nur fuer den IE, damit die ganze Linkflaeche klickbar ist */
}
li.lev03 a {
height: auto;
/*hebt fuer nicht-IE Browser die Hoehenangabe 1em wieder auf */
}
li.lev03 a:link, li.lev03 a:visited {
color: #000;
text-decoration: none;
}
li.lev03 a:active, li.lev03 a:hover {
display: block;
color: #501eb6;
background-color: #f8f8f8;
text-decoration: none;
}
li.lev03 a:link, li.lev03 a:visited {
height: auto;
/*hebt fuer nicht-IE Browser die Hoehenangabe 1em wieder auf */
}
li.lev03active a {
list-style: none;
margin: 0px;
padding-top: 0.3em;
padding-bottom: 0.3em;
padding-left: 20px;
height: 1em;
/*diese Angabe ist nur fuer den IE, damit die ganze Linkflaeche klickbar ist */
}
li.lev03active a:link, li.lev03active a:visited {
display: block;
color: #501eb6;
background-color: #f8f8f8;
text-decoration: none;
height: 1em;
/*diese Angabe ist nur fuer den IE, damit die ganze Linkflaeche klickbar ist */
}
li.lev03active a:link, li.lev03active a:visited {
height: auto;
/*hebt fuer nicht-IE Browser die Hoehenangabe 1em wieder auf */
}
li.lev03active a:active, li.lev03active a:hover {
display: block;
color: #501eb6;
background-color: #f8f8f8;
text-decoration: none;
height: 1em;
}
li.lev03active a:active, li.lev03active a:hover {
height: auto;
/*hebt fuer nicht-IE Browser die Hoehenangabe 1em wieder auf */
}
/* ---------- misc settings ------------- */
.bgHeader {
vertical-align: top;
background-color: #38373b;
width: 100%;
border-spacing: 0px;
border-collapse: collapse;
}
/* Header logo styles */
.site-logo {
background: transparent url("../images/AGOV-Logo.png") left top
no-repeat;
width: 64px;
height: 64px;
background-size: 64px 64px;
transition: background-size 0.25s linear, width 0.25s linear, height
0.25s linear;
}
/* Header logo collapsed styles */
.scrolled .site-logo {
background: transparent url("../images/AGOV-Logo.png") left top
no-repeat;
width: 36px;
height: 36px;
background-size: 36px 36px;
transition: background-size 0.25s linear, width 0.25s linear, height
0.25s linear;
}
/* Header component name */
.site-title {
font-size: 1.7em;
align-self: center;
margin-left: 0 !important;
color: #501eb6;
}
.scrolled .site-title {
font-size: 1.7em;
}
.bgCont {
vertical-align: top;
background-color: #ffffff;
}
td.bgCont {
/*mod teddy for IE6*/
width: 100%;
padding: 10px;
font-size: 12px;
}
/*Links*/
.bgCont a:link, .bgCont a:visited {
font-size: 12px;
color: #501eb6;
text-decoration: none;
}
.bgCont a:active, .bgCont a:hover {
font-size: 12px;
color: #501eb6;
text-decoration: none;
}
.Headline {
font-size: 20px;
color: #000000;
padding-bottom: 0px;
margin-bottom: 4px;
}
.tblRowNowrap {
white-space: nowrap;
}
/* ---------- color config ---------- */
#header {
background-color: white;
border-bottom: 1px solid #501eb6;
}
#header-navbar-collapse {
background-color: #fff;
}
/* Menu item basic style */
.navbar-default .navbar-nav>li>a {
color: #501eb6;
font-size: 14px;
}
/* Header dropdown menu general styles */
.nav>li>.dropdown-menu {
border: 1px solid #501eb6;
border-radius: 3px;
padding: 17px 0;
margin-top: -5px;
right: 0;
left: auto;
-webkit-box-shadow: 0 6px 12px rgba(0,0,0,.175);
box-shadow: 0 6px 12px rgba(0,0,0,.175);
line-height: 20px;
font-size: 14px;
}
.dropdown-toggle::after {
vertical-align: middle;
margin-left: 0;
}
.dropdown-item>a {
display: block;
}
.navbar-default .navbar-nav>li>a:hover,
.dropdown>a:hover,
.dropdown.show>a,
a>.fa-question-circle:hover {
color: #501eb6;
text-decoration: none;
}
.dropdown-item {
padding: 0;
color: #212529;
display: block;
}
.navbar-default .dropdown-menu li>a:focus,
.navbar-default .dropdown-menu li>a:hover {
background-color: #501eb6;
color: white;
text-decoration: none;
}
/* Language dropdown */
.language-code {
text-transform: uppercase;
color: #501eb6;
font-weight: bold;
font-family: "Averta-Bold", sans-serif;
display: table-cell;
/* in order to align the language codes horizontally */
width: 23px;
}
/* Quick Search text field */
.navbar-form .form-control {
height: 28px;
width: 320px;
border: 1px solid #501eb6;
border-radius: 3px;
}
#header .form-control:focus {
box-shadow: inset 0 1px 1px rgba(0, 0, 0, .075), 0 0 8px #501eb6;
}
td.navi, span.navi, span.navi a, .tblHeader, .tblFooter, td.frmLabel, td.frmConfirmLabel,
td.frmInput, td.frmInputStatus, td.frmInputLegend, td.frmConfirmInput,
td.frmLabelMandatory, input, textarea {
color: #000000;
}
span.navi, td.navi a:hover {
color: #501eb6;
}
span.mandatory {
color: #c80000;
}
td.tab {
background-color: #e3e4e6;
}
td.tabActive, td.frmTitelSmall {
background-color: #bacce1;
}
a.tab, a.frmEdit, a.frmEdit:hover {
color: #501eb6;
}
a.tab:hover {
color: #501eb6;
}
.tblTitel, td.frmTitel {
color: #38373b;
background-color: #f8f8f8;
border-top: 1px solid #501eb6;
}
.tblSubTitel2, tblSubTitel1, a.frmTitel, a.frmTitel:hover {
color: #1d3e9c;
}
.tblSubTitel1 {
background-color: #cddcec;
}
.tblHeader, .tblFooter {
background-color: #f0f1f3;
}
.tblHeader a img {
margin-left: 8px;
margin-top: 2px;
vertical-align: text-bottom;
}
/*Links auf dunekgrauem BG*/
.tblHeader a, td.tblFooter a.tbl, .tblRowOdd a, .tblRowEven a {
color: #501eb6;
}
.tblRowOdd, .tblRowOddNr, .tblRowOddCentered {
font-size: 12px;
padding: 3px 7px;
background-color: #ffffff;
word-wrap: break-word;
}
.tblRowEven, .tblRowEvenNr, .tblRowEvenCentered {
font-size: 12px;
padding: 3px 7px;
background-color: #f0f1f3;
word-wrap: break-word;
}
.tblRowOddCentered, .tblRowEvenCentered {
text-align: center;
}
.tblRowOdd a, .tblRowEven a, a.tbl {
color: #501eb6;
}
.tblRowOdd a:hover, .tblRowEven a:hover, a.tbl:hover {
color: #501eb6;
}
.deactivated {
color: #999;
}
.deactivated a {
color: #999;
}
.deactivated a:link, .deactivated a:visited {
color: #999;
}
.deactivated a:active, .deactivated a:hover {
color: #999;
}
td.frmTitelSmall {
color: #1d2f68;
}
td.frmLabel, td.frmLabelMandatory, td.frmLabelHi {
border: 1px solid #f0f1f3;
background-color: #ffffff;
color: #323232;
text-align: right;
}
td.frmLabelHi {
font-weight: bold;
font-family: "Averta-Bold", sans-serif;
}
td.frmLabelHi {
font-weight: bold;
font-family: "Averta-Bold", sans-serif;
}
td.frmConfirmLabel {
background-color: #fff4c0;
text-align: right;
vertical-align: middle;
}
td.frmInput, td.frmInputIcon, td.frmInputStatus {
border: 1px solid #f0f1f3;
background-color: #ffffff;
font-weight: bold;
font-family: "Averta-Bold", sans-serif;
white-space: nowrap;
}
#historyDiffRecordTable td.frmInput,
#historyDiffRecordTable td.frmInputIcon,
#historyDiffRecordTable td.frmInputStatus {
white-space: normal;
}
td.frmConfirmInput {
background-color: #fff4c0;
text-align: right;
}
input {
background-color: #ffffff;
border: 1px solid #a9a9a9;
font-weight: bold;
font-family: "Averta-Bold", sans-serif;
height: auto;
}
textarea {
background-color: #ffffff;
border: 1px solid #a9a9a9;
font-weight: bold;
font-family: "Averta-Bold", sans-serif;
resize: vertical;
}
input.submit {
font-weight: normal;
}
select {
background-color: #ffffff;
}
/* ---------- Breadcrumbs config ---------- */
ul.breadcrumbs {
padding: 0px;
margin-left: 0px;
margin-bottom: 4px;
margin-right: 90px;
margin-top: 4px;
font-size: 12px;
list-style-type: none;
color: #a9a9a9;
}
ul.breadcrumbs li {
display: inline;
color: #000;
}
.breadcrumbs li a {
display: block;
color: #501eb6;
text-decoration: none;
height: 1em;
}
.breadcrumbs li a:link, .breadcrumbs li a:visited {
display: inline;
color: #501eb6;
text-decoration: none;
}
.breadcrumbs li a:active, .breadcrumbs li a:hover {
color: #501eb6;
text-decoration: none;
height: 1em;
/* diese Angabe ist nur fuer den IE, damit die ganze Linkflaeche klickbar ist */
}
/* Add a lightgrey slash character as breadcrumb separator between breadcrumbs. */
.breadcrumbs>li+li::before {
padding: 0 5px;
color: #ccc;
content: "/\00a0";
}
/* Error Message */
.error {
font-size: 12px;
font-style: normal;
font-variant: normal;
color: #000;
}
ul.error {
list-style-type: disc;
font-weight: bold;
font-family: "Averta-Bold", sans-serif;
padding: 8px;
margin: 0px 20px 0px 20px;
}
ul.error li {
line-height: 16px;
}
table.errorBorder {
border: 1px solid #ff7700;
background-color: #ffeeaa;
margin-top: 30px;
width: 100%;
border-spacing: 0px;
}
/* Success Message */
.message {
font-size: 12px;
font-style: normal;
color: #000;
}
ul.message {
list-style-type: disc;
font-weight: bold;
font-family: "Averta-Bold", sans-serif;
padding: 8px;
margin: 0px 20px 0px 20px;
}
ul.message li {
line-height: 16px;
font-size: 12px;
}
table.messageBorder {
font-size: 12px;
border: 1px solid #501eb6;
background-color: #deefee;
margin-top: 30px;
width: 100%;
border-spacing: 0px;
}
/* Info message */
table.infoBorder {
font-size: 12px;
border: 1px solid #3783ff;
background-color: #3783ff;
margin-top: 30px;
width: 100%;
border-spacing: 0px;
}
.infoBorder a:link, .infoBorder a:visited {
font-size: 12px;
color: #fbfbfb;
text-decoration: none;
}
.infoBorder a:active, .infoBorder a:hover {
font-size: 12px;
color: #ffffff;
text-decoration: none;
}
/* Question message */
table.questionBorder {
font-size: 12px;
border: 1px solid #f4c649;
background-color: #fff4c0;
margin-top: 30px;
width: 100%;
border-spacing: 0px;
}
/* Navigation Configuration */
#nav_user_administration, #nav_new_user, #nav_modify_user,
#nav_modify_user, #nav_search_by_profile, #nav_search_by_credential {
display: block;
}
#nav_unit_admin, #nav_new_main_unit, #nav_modify_unit {
display: block;
}
#nav_system_admin, #nav_applications, #nav_new_application,
#nav_modify_application {
display: block;
}
#nav_mail_templates, #nav_new_mail_template, #nav_modify_mail_template {
display: block;
}
#nav_policies, #nav_new_policy, #nav_modify_policy {
display: block;
}
#nav_batch_jobs, #nav_planned_jobs {
display: block;
}
#nav_client_administration, #nav_new_client, #nav_modify_client,
#nav_assign_roles, #nav_assign_policies, #nav_assign_mail_templates {
display: block;
}
#nav_selfadmin, #nav_my_user_data {
display: block;
}
.placeholder {
color: #aaa;
}
/* Quick Search (autocomplete) */
.tt-hint {
color: #999
}
.tt-menu {
width: 320px;
padding: 17px 0;
background-color: #fff;
border: 1px solid #501eb6;
border-radius: 3px;
box-shadow: 0 6px 12px rgba(0, 0, 0, .175);
}
.tt-suggestion {
padding: 3px 28px;
line-height: 24px;
}
.tt-suggestion:hover {
cursor: pointer;
color: #fff;
background-color: #501eb6;
}
.tt-suggestion.tt-cursor {
color: #fff;
background-color: #9cc;
}
.empty-message {
padding: 3px 28px;
}
/* - - - - - - - - - - - - - - - - - - FOOTER - - - - - - - - - - - - - - - - - - - - - - - */
.footer {
color: #501eb6;
background-color: transparent;
height: 40px;
padding-top: 0;
padding-bottom: 24px;
margin-top: 36px;
border-top: 1px solid #501eb6;
}
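Review bot: In the colour-config part, the selector list `.tblSubTitel2, tblSubTitel1, a.frmTitel, a.frmTitel:hover` is missing the leading dot on `tblSubTitel1`. It therefore matches an element of that name rather than the class, and the `#1d3e9c` colour never reaches `.tblSubTitel1`; the line should read `.tblSubTitel2, .tblSubTitel1, a.frmTitel, a.frmTitel:hover {`. The `td.frmLabelHi` rule further down is also declared twice with identical declarations, and one copy can go.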


@ -0,0 +1,14 @@
{
"name": "additionalAddress",
"scope": "UNIT_GLOBAL",
"encrypted": false,
"propagated": false,
"accessCreate": "READ_WRITE",
"accessModify": "READ_WRITE",
"clientExtId": "d9a334a6-b6f5-4982-a24e-13ae095a60fa",
"description": "additional address line",
"maxLength": "100",
"precedence": 100
}


@ -0,0 +1,14 @@
{
"name": "openingFri",
"scope": "UNIT_GLOBAL",
"encrypted": false,
"propagated": false,
"accessCreate": "READ_WRITE",
"accessModify": "READ_WRITE",
"clientExtId": "d9a334a6-b6f5-4982-a24e-13ae095a60fa",
"description": "Opening hours for Fridays",
"maxLength": "50",
"precedence": 100
}


@ -0,0 +1,14 @@
{
"name": "openingHol",
"scope": "UNIT_GLOBAL",
"encrypted": false,
"propagated": false,
"accessCreate": "READ_WRITE",
"accessModify": "READ_WRITE",
"clientExtId": "d9a334a6-b6f5-4982-a24e-13ae095a60fa",
"description": "Opening hours for Sundays and Holidays",
"maxLength": "50",
"precedence": 100
}


@ -0,0 +1,14 @@
{
"name": "openingMon",
"scope": "UNIT_GLOBAL",
"encrypted": false,
"propagated": false,
"accessCreate": "READ_WRITE",
"accessModify": "READ_WRITE",
"clientExtId": "d9a334a6-b6f5-4982-a24e-13ae095a60fa",
"description": "Opening hours for Mondays",
"maxLength": "50",
"precedence": 100
}


@ -0,0 +1,14 @@
{
"name": "openingRemarksDe",
"scope": "UNIT_GLOBAL",
"encrypted": false,
"propagated": false,
"accessCreate": "READ_WRITE",
"accessModify": "READ_WRITE",
"clientExtId": "d9a334a6-b6f5-4982-a24e-13ae095a60fa",
"description": "remarks for the opening hours (DE)",
"precedence": 100
}


@ -0,0 +1,14 @@
{
"name": "openingRemarksEn",
"scope": "UNIT_GLOBAL",
"encrypted": false,
"propagated": false,
"accessCreate": "READ_WRITE",
"accessModify": "READ_WRITE",
"clientExtId": "d9a334a6-b6f5-4982-a24e-13ae095a60fa",
"description": "remarks for the opening hours (EN)",
"precedence": 100
}


@ -0,0 +1,14 @@
{
"name": "openingRemarksFr",
"scope": "UNIT_GLOBAL",
"encrypted": false,
"propagated": false,
"accessCreate": "READ_WRITE",
"accessModify": "READ_WRITE",
"clientExtId": "d9a334a6-b6f5-4982-a24e-13ae095a60fa",
"description": "remarks for the opening hours (FR)",
"precedence": 100
}


@ -0,0 +1,14 @@
{
"name": "openingRemarksIt",
"scope": "UNIT_GLOBAL",
"encrypted": false,
"propagated": false,
"accessCreate": "READ_WRITE",
"accessModify": "READ_WRITE",
"clientExtId": "d9a334a6-b6f5-4982-a24e-13ae095a60fa",
"description": "remarks for the opening hours (IT)",
"precedence": 100
}


@ -0,0 +1,14 @@
{
"name": "openingSat",
"scope": "UNIT_GLOBAL",
"encrypted": false,
"propagated": false,
"accessCreate": "READ_WRITE",
"accessModify": "READ_WRITE",
"clientExtId": "d9a334a6-b6f5-4982-a24e-13ae095a60fa",
"description": "Opening hours for Saturdays",
"maxLength": "50",
"precedence": 100
}


@ -0,0 +1,14 @@
{
"name": "openingThu",
"scope": "UNIT_GLOBAL",
"encrypted": false,
"propagated": false,
"accessCreate": "READ_WRITE",
"accessModify": "READ_WRITE",
"clientExtId": "d9a334a6-b6f5-4982-a24e-13ae095a60fa",
"description": "Opening hours for Thursdays",
"maxLength": "50",
"precedence": 100
}


@ -0,0 +1,14 @@
{
"name": "openingTue",
"scope": "UNIT_GLOBAL",
"encrypted": false,
"propagated": false,
"accessCreate": "READ_WRITE",
"accessModify": "READ_WRITE",
"clientExtId": "d9a334a6-b6f5-4982-a24e-13ae095a60fa",
"description": "Opening hours for Tuesdays",
"maxLength": "50",
"precedence": 100
}


@ -0,0 +1,14 @@
{
"name": "openingWed",
"scope": "UNIT_GLOBAL",
"encrypted": false,
"propagated": false,
"accessCreate": "READ_WRITE",
"accessModify": "READ_WRITE",
"clientExtId": "d9a334a6-b6f5-4982-a24e-13ae095a60fa",
"description": "Opening hours for Wednesdays",
"maxLength": "50",
"precedence": 100
}


@ -0,0 +1,14 @@
{
"name": "position",
"scope": "UNIT_GLOBAL",
"encrypted": false,
"propagated": false,
"accessCreate": "READ_WRITE",
"accessModify": "READ_WRITE",
"clientExtId": "d9a334a6-b6f5-4982-a24e-13ae095a60fa",
"description": "coordinates of the office (WGS84)",
"regex": "^\\-?([1-9][0-9]|[0-9])\\.[0-9][0-9][0-9][0-9][0-9],\\s*\\-?(1[0-8][0-9]|[1-9][0-9]|[0-9])\\.[0-9][0-9][0-9][0-9][0-9]$",
"precedence": 100
}
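Review bot: The `regex` for `position` accepts coordinates outside the WGS84 range that the description promises. The latitude part `([1-9][0-9]|[0-9])` allows values up to 99.99999, and the longitude part `(1[0-8][0-9]|[1-9][0-9]|[0-9])` allows values up to 189.99999. A bounded pattern would be `"regex": "^-?(90\\.00000|[1-8]?[0-9]\\.[0-9]{5}),\\s*-?(180\\.00000|(1[0-7][0-9]|[1-9]?[0-9])\\.[0-9]{5})$"`, which keeps the five-decimal format and rejects out-of-range input before it is stored.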


@ -0,0 +1,14 @@
{
"name": "street",
"scope": "UNIT_GLOBAL",
"encrypted": false,
"propagated": false,
"accessCreate": "READ_WRITE",
"accessModify": "READ_WRITE",
"clientExtId": "d9a334a6-b6f5-4982-a24e-13ae095a60fa",
"description": "address: street and house number",
"maxLength": "100",
"precedence": 100
}


@ -0,0 +1,14 @@
{
"name": "town",
"scope": "UNIT_GLOBAL",
"encrypted": false,
"propagated": false,
"accessCreate": "READ_WRITE",
"accessModify": "READ_WRITE",
"clientExtId": "d9a334a6-b6f5-4982-a24e-13ae095a60fa",
"description": "twon, city where the counter is located",
"maxLength": "40",
"precedence": 100
}
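Review bot: The `description` of `town` misspells the word as "twon", and the `counterExtId` definition later in this commit has "intially" in its description. If these strings are shown to administrators they should read `"description": "town, city where the counter is located"` and "initially" respectively.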


@ -0,0 +1,14 @@
{
"name": "agovId",
"scope": "USER_GLOBAL",
"encrypted": false,
"propagated": false,
"accessCreate": "READ_WRITE",
"accessModify": "READ_ONLY",
"clientExtId": "9f30aa08-4c53-458c-b144-90c16dc5ed6e",
"maxLength": "36",
"precedence": 100
}


@ -0,0 +1,14 @@
{
"name": "counterExtId",
"scope": "USER_GLOBAL",
"encrypted": false,
"propagated": false,
"accessCreate": "READ_WRITE",
"accessModify": "READ_WRITE",
"clientExtId": "9f30aa08-4c53-458c-b144-90c16dc5ed6e",
"description": "the unitExtId of the counter, that the user selected intially, and visited (might be different)",
"precedence": 100
}


@ -0,0 +1,14 @@
{
"name": "eIdNumber",
"scope": "USER_GLOBAL",
"encrypted": false,
"propagated": false,
"accessCreate": "READ_WRITE",
"accessModify": "READ_WRITE",
"clientExtId": "cfa9c9b9-119f-4dff-9bb8-86d7c0cf2720",
"maxLength": "40",
"precedence": 100
}
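Review bot: `eIdNumber` is defined with `"encrypted": false`, `"accessModify": "READ_WRITE"` and no `regex`, although the name suggests it holds an identity-document number. If so, it is stored in clear text and stays editable after creation with only a 40-character length bound. Unless another layer protects it, consider `"encrypted": true`, a format `regex`, and `"accessModify": "READ_ONLY"` as already used for `agovId`. The definition also lacks the `description` that the unit properties carry, so the intended content is left to guesswork.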
