From e563ca2f0f7e733736b78fe9e710572f659007e9 Mon Sep 17 00:00:00 2001
From: haburger <haburger>
Date: Wed, 30 Oct 2024 16:40:17 +0000
Subject: [PATCH] new configuration version

---
 ...oxy-instance-bd83dfbd467e8211ffe71d28.yaml |  2 +-
 .../WEB-INF/security_artreporting.conf        | 18 ----
 .../WEB-INF/web.xml                           | 90 +------------------
 3 files changed, 3 insertions(+), 107 deletions(-)
 delete mode 100644 DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-sp/var/opt/nevisproxy/default/host-op.agov-w.azure.adnovum.net/WEB-INF/security_artreporting.conf

diff --git a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-sp/etc/nevis/k8s-operations-nevisproxy-instance-bd83dfbd467e8211ffe71d28.yaml b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-sp/etc/nevis/k8s-operations-nevisproxy-instance-bd83dfbd467e8211ffe71d28.yaml
index 7ca12a5..cb9f621 100644
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-sp/etc/nevis/k8s-operations-nevisproxy-instance-bd83dfbd467e8211ffe71d28.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-sp/etc/nevis/k8s-operations-nevisproxy-instance-bd83dfbd467e8211ffe71d28.yaml
@@ -46,7 +46,7 @@ spec:
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-58fcf0ca3e3e5b189ec00c971320c3f2a1b493b0"
+    tag: "r-3341a3df2b54ab6368125d7df7c223019a1fb969"
     dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-sp"
     credentials: "git-credentials"
   keystores:
diff --git a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-sp/var/opt/nevisproxy/default/host-op.agov-w.azure.adnovum.net/WEB-INF/security_artreporting.conf b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-sp/var/opt/nevisproxy/default/host-op.agov-w.azure.adnovum.net/WEB-INF/security_artreporting.conf
deleted file mode 100644
index 992d95a..0000000
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-sp/var/opt/nevisproxy/default/host-op.agov-w.azure.adnovum.net/WEB-INF/security_artreporting.conf
+++ /dev/null
@@ -1,18 +0,0 @@
-# load modsecurity
-Include /var/opt/nevisproxy/default/host-op.agov-w.azure.adnovum.net/WEB-INF/modsecurity.conf
-
-# apply whitelist modifications - must be done before loading other rules (replaces REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf)
-
-
-# apply application-specific paranoia level
-SecAction "id:900000,phase:1,nolog,pass,t:none,setvar:tx.paranoia_level=1"
-
-# load the rule set of the virtual host
-Include /var/opt/nevisproxy/default/host-op.agov-w.azure.adnovum.net/WEB-INF/rules.conf
-
-# apply rule exceptions (replaces RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf)
-
-
-# set mode
-SecRuleEngine DetectionOnly
-
diff --git a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-sp/var/opt/nevisproxy/default/host-op.agov-w.azure.adnovum.net/WEB-INF/web.xml b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-sp/var/opt/nevisproxy/default/host-op.agov-w.azure.adnovum.net/WEB-INF/web.xml
index 6fc8797..c753b92 100644
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-sp/var/opt/nevisproxy/default/host-op.agov-w.azure.adnovum.net/WEB-INF/web.xml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/proxy-sp/var/opt/nevisproxy/default/host-op.agov-w.azure.adnovum.net/WEB-INF/web.xml
@@ -131,21 +131,6 @@
             <param-value>nevisIdm.Root</param-value>
         </init-param>
     </filter>
-    <!-- source: pattern://ae3127e7a6869fea8b850ad9 -->
-    <filter>
-        <filter-name>Authorization_Required_Roles_AGOV-Art.Access_SAML_SP_nevisidm_operations_Realm</filter-name>
-        <filter-class>ch::nevis::isiweb4::filter::auth::SecurityRoleFilter</filter-class>
-        <!-- source: pattern://ae3127e7a6869fea8b850ad9 -->
-        <init-param>
-            <param-name>DynamicRoleAcquire</param-name>
-            <param-value>false</param-value>
-        </init-param>
-        <!-- source: pattern://ae3127e7a6869fea8b850ad9 -->
-        <init-param>
-            <param-name>RolesRequired</param-name>
-            <param-value>AGOV-Art.Access</param-value>
-        </init-param>
-    </filter>
     <!-- source: pattern://3ccfece140b4bb464b3b7f51 -->
     <filter>
         <filter-name>Authorization_Required_Roles_nevisIdm.Helpdesk_nevisIdm.TemplateAdmin_nevisIdm.UserAndUnitAdmin_nevisIdm.AppAdmin_nevisIdm.UserAdmin_nevisIdm.AppOwner_nevisIdm.EnterpriseRoleAdmin_nevisIdm.ClientRoot_SAML_SP_nevisidm_operations_Realm</filter-name>
@@ -220,16 +205,6 @@
             </param-value>
         </init-param>
     </filter>
-    <!-- source: pattern://4da72abf93d79d0698250e39 -->
-    <filter>
-        <filter-name>ModSecurity_ArtReporting</filter-name>
-        <filter-class>ch::nevis::nevisproxy::filter::modsecurity::ModsecurityFilter</filter-class>
-        <!-- source: pattern://4da72abf93d79d0698250e39 -->
-        <init-param>
-            <param-name>ConfigFile</param-name>
-            <param-value>/var/opt/nevisproxy/default/host-op.agov-w.azure.adnovum.net/WEB-INF/security_artreporting.conf</param-value>
-        </init-param>
-    </filter>
     <!-- source: pattern://f010ec68088ebd56349c7135 -->
     <filter>
         <filter-name>ModSecurity_GreenMail</filter-name>
@@ -600,7 +575,7 @@
     <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
     <filter-mapping>
         <filter-name>SessionHandler_SAML_SP_nevisidm_operations_Realm</filter-name>
-        <url-pattern>/art/*</url-pattern>
+        <url-pattern>/mail/*</url-pattern>
     </filter-mapping>
     <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
     <filter-mapping>
@@ -613,11 +588,6 @@
         <url-pattern>/SAML2/stepup/*</url-pattern>
     </filter-mapping>
     <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
-    <filter-mapping>
-        <filter-name>SessionHandler_SAML_SP_nevisidm_operations_Realm</filter-name>
-        <url-pattern>/mail/*</url-pattern>
-    </filter-mapping>
-    <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
     <filter-mapping>
         <filter-name>SessionHandler_SAML_SP_nevisidm_operations_Realm</filter-name>
         <url-pattern>/nevisidm/*</url-pattern>
@@ -643,11 +613,6 @@
         <filter-name>SessionHandler_OP-ONBRDNG-AuthenticationRealm</filter-name>
         <url-pattern>/AUTH/ONBOARDING/*</url-pattern>
     </filter-mapping>
-    <!-- source: pattern://4da72abf93d79d0698250e39 -->
-    <filter-mapping>
-        <filter-name>ModSecurity_ArtReporting</filter-name>
-        <url-pattern>/art/*</url-pattern>
-    </filter-mapping>
     <!-- source: pattern://f010ec68088ebd56349c7135 -->
     <filter-mapping>
         <filter-name>ModSecurity_GreenMail</filter-name>
@@ -686,11 +651,6 @@
         <exclude-url-regex>^/canary/api/.*$</exclude-url-regex>
     </filter-mapping>
     <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
-    <filter-mapping>
-        <filter-name>Authentication_SAML_SP_nevisidm_operations_Realm</filter-name>
-        <url-pattern>/art/*</url-pattern>
-    </filter-mapping>
-    <!-- source: pattern://7518c6cc61e47eec6322ae17 -->
     <filter-mapping>
         <filter-name>Authentication_SAML_SP_nevisidm_operations_Realm</filter-name>
         <url-pattern>/mail/*</url-pattern>
@@ -731,11 +691,6 @@
         <filter-name>Requirement_NEVIS_SecToken_SAML_SP_nevisidm_operations_Realm</filter-name>
         <url-pattern>/nevisidm/*</url-pattern>
     </filter-mapping>
-    <!-- source: pattern://ae3127e7a6869fea8b850ad9 -->
-    <filter-mapping>
-        <filter-name>Authorization_Required_Roles_AGOV-Art.Access_SAML_SP_nevisidm_operations_Realm</filter-name>
-        <url-pattern>/art/*</url-pattern>
-    </filter-mapping>
     <!-- source: pattern://3ccfece140b4bb464b3b7f51 -->
     <filter-mapping>
         <filter-name>Authorization_Required_Roles_nevisIdm.Helpdesk_nevisIdm.TemplateAdmin_nevisIdm.UserAndUnitAdmin_nevisIdm.AppAdmin_nevisIdm.UserAdmin_nevisIdm.AppOwner_nevisIdm.EnterpriseRoleAdmin_nevisIdm.ClientRoot_SAML_SP_nevisidm_operations_Realm</filter-name>
@@ -760,42 +715,6 @@
     <listener>
         <listener-class>ch::nevis::isiweb4::listener::SessionListener</listener-class>
     </listener>
-    <!-- source: pattern://4da72abf93d79d0698250e39, pattern://4da72abf93d79d0698250e39#allowedMethods, pattern://4da72abf93d79d0698250e39#backends, pattern://4da72abf93d79d0698250e39#responseRewrite -->
-    <servlet>
-        <servlet-name>Connector_ArtReporting</servlet-name>
-        <!-- source: pattern://4da72abf93d79d0698250e39 -->
-        <servlet-class>ch::nevis::isiweb4::servlet::connector::http::HttpsConnectorServlet</servlet-class>
-        <!-- source: pattern://4da72abf93d79d0698250e39#allowedMethods -->
-        <init-param>
-            <param-name>AllowedMethods</param-name>
-            <param-value>ALL-HTTP,ALL-WEBDAV,-TRACE,-CONNECT</param-value>
-        </init-param>
-        <!-- source: pattern://4da72abf93d79d0698250e39#responseRewrite -->
-        <init-param>
-            <param-name>AutoRewrite</param-name>
-            <param-value>header</param-value>
-        </init-param>
-        <!-- source: pattern://4da72abf93d79d0698250e39 -->
-        <init-param>
-            <param-name>CookieManager</param-name>
-            <param-value>retain:^.*$</param-value>
-        </init-param>
-        <!-- source: pattern://4da72abf93d79d0698250e39 -->
-        <init-param>
-            <param-name>DNSCache.ttl</param-name>
-            <param-value>60</param-value>
-        </init-param>
-        <!-- source: pattern://4da72abf93d79d0698250e39#backends -->
-        <init-param>
-            <param-name>InetAddress</param-name>
-            <param-value>art-report-server.adn-agov-connect-01-dev:8080</param-value>
-        </init-param>
-        <!-- source: pattern://4da72abf93d79d0698250e39#backends -->
-        <init-param>
-            <param-name>UseSSL</param-name>
-            <param-value>false</param-value>
-        </init-param>
-    </servlet>
     <!-- source: pattern://f010ec68088ebd56349c7135, pattern://f010ec68088ebd56349c7135#allowedMethods, pattern://f010ec68088ebd56349c7135#backends, pattern://f010ec68088ebd56349c7135#responseRewrite -->
     <servlet>
         <servlet-name>Connector_GreenMail</servlet-name>
@@ -824,7 +743,7 @@
         <!-- source: pattern://f010ec68088ebd56349c7135#backends -->
         <init-param>
             <param-name>InetAddress</param-name>
-            <param-value>rainloop.adn-agov-mail-01-dev:80</param-value>
+            <param-value>rainloop.adn-agov-mail-01-uat:80</param-value>
         </init-param>
         <!-- source: pattern://f010ec68088ebd56349c7135#backends -->
         <init-param>
@@ -1131,11 +1050,6 @@
         <servlet-name>Hosting_Default</servlet-name>
         <url-pattern>/SAML2/stepup/*</url-pattern>
     </servlet-mapping>
-    <!-- source: pattern://4da72abf93d79d0698250e39, pattern://4da72abf93d79d0698250e39#path -->
-    <servlet-mapping>
-        <servlet-name>Connector_ArtReporting</servlet-name>
-        <url-pattern>/art/*</url-pattern>
-    </servlet-mapping>
     <!-- source: pattern://2a09bff81af3e18af3e13d3f, pattern://2a09bff81af3e18af3e13d3f#path -->
     <servlet-mapping>
         <servlet-name>Connector_Web_Application_canaryPage_frontend</servlet-name>