diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/etc/nevis/k8s-nevisauth-sts-4bad2fe3ccc54716cc87138f.yaml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/etc/nevis/k8s-nevisauth-sts-4bad2fe3ccc54716cc87138f.yaml
index 5ee39ff..43163e4 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/etc/nevis/k8s-nevisauth-sts-4bad2fe3ccc54716cc87138f.yaml
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/etc/nevis/k8s-nevisauth-sts-4bad2fe3ccc54716cc87138f.yaml
@@ -27,20 +27,25 @@ spec:
livenessProbe:
soap:
tcpSocket: true
- initialDelaySeconds: 40
- periodSeconds: 20
+ periodSeconds: 5
timeoutSeconds: 4
readinessProbe:
management:
httpGet:
path: "/nevisauth/liveness"
- initialDelaySeconds: 40
- periodSeconds: 30
+ periodSeconds: 5
timeoutSeconds: 6
+ startupProbe:
+ management:
+ httpGet:
+ path: "/nevisauth/liveness"
+ periodSeconds: 5
+ timeoutSeconds: 6
+ failureThreshold: 50
podDisruptionBudget:
maxUnavailable: "50%"
git:
- tag: "r-0908e4d0fd3a6d917e38b64e7a6a4c5df57ad551"
+ tag: "r-f0c2fc352ad8e75f5eae1bab7fc80e6315293282"
dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts"
credentials: "git-credentials"
keystores:
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/env.conf b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/env.conf
index 09ae031..5cd92a4 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/env.conf
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/env.conf
@@ -1,8 +1,8 @@
RTENV_SECURITY_CHECK=no_shell
JAVA_OPTS=(
- "-Dfile.encoding=UTF-8"
"-XX:+UseContainerSupport"
+ "-Dfile.encoding=UTF-8"
"-XX:MaxRAMPercentage=80.0"
"-Djava.net.preferIPv4Stack=true"
"-Djava.net.connectionTimeout=10000"
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/otel.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/otel.properties
index 67787db..5ba3ee1 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/otel.properties
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/otel.properties
@@ -1,4 +1,4 @@
-otel.service.name=auth-sts
-otel.traces.exporter=none
-otel.metrics.exporter=none
-otel.logs.exporter=none
+otel.service.name = auth-sts
+otel.traces.exporter = none
+otel.metrics.exporter = none
+otel.logs.exporter = none
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/etc/nevis/k8s-nevisauth-7022472ae407577ae604bbb8.yaml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/etc/nevis/k8s-nevisauth-7022472ae407577ae604bbb8.yaml
index 2c37e64..8045ba2 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/etc/nevis/k8s-nevisauth-7022472ae407577ae604bbb8.yaml
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/etc/nevis/k8s-nevisauth-7022472ae407577ae604bbb8.yaml
@@ -27,20 +27,25 @@ spec:
livenessProbe:
soap:
tcpSocket: true
- initialDelaySeconds: 40
- periodSeconds: 20
+ periodSeconds: 5
timeoutSeconds: 4
readinessProbe:
management:
httpGet:
path: "/nevisauth/liveness"
- initialDelaySeconds: 40
- periodSeconds: 30
+ periodSeconds: 5
timeoutSeconds: 6
+ startupProbe:
+ management:
+ httpGet:
+ path: "/nevisauth/liveness"
+ periodSeconds: 5
+ timeoutSeconds: 6
+ failureThreshold: 50
podDisruptionBudget:
maxUnavailable: "50%"
git:
- tag: "r-c4c1f2eb61e336e26717c009903d54a57e35f485"
+ tag: "r-f0c2fc352ad8e75f5eae1bab7fc80e6315293282"
dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth"
credentials: "git-credentials"
keystores:
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/LitDict_it.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/LitDict_it.properties
index fa264b3..f55e3bb 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/LitDict_it.properties
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/LitDict_it.properties
@@ -185,10 +185,10 @@ prompt.newpassword=Nuova Password
prompt.newpassword.confirm=Conferma password
prompt.password=Password
prompt.userid=Nome utente
-pwreset.done.info=Your password was successfully changed. Please click on continue to log in.
+pwreset.done.info=La password è stata modificata con successo. Fare clic su continua per accedere.
pwreset.email.sent=Se il vostro ID utente esiste, vi è stata inviata un'e-mail per reimpostare la password.
-pwreset.info.linktext=Password forgotten
-pwreset.noticket=Your password reset ticket is no longer valid. Please generate a new one.
+pwreset.info.linktext=Password dimenticata
+pwreset.noticket=Il biglietto per la reimpostazione della password non è più valido. Si prega di generarne uno nuovo.
recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV già registrata
recovery_accessapp_auth.instruction1=Ha già registrato una nuova app di accesso AGOV !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione.
@@ -258,7 +258,7 @@ title.logout.confirmation=Logout
title.logout.reminder=Logout
title.oauth.consent=Autorizzazione del client
title.pwchange.label=Cambiare Password
-title.pwreset=Password Forgotten
+title.pwreset=Password Dimenticata
title.saml.failed=Error
title.timeout.page=Logout
user_input.invalid.email=Inserire un'e-mail valida.
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/ensureAccountState.groovy b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/ensureAccountState.groovy
index 391afdb..b8c189b 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/ensureAccountState.groovy
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/ensureAccountState.groovy
@@ -26,7 +26,7 @@ String level100RoleExtid = parameters.get('level100.roleExtid')
String baseUrl = "${parameters.get('idm.baseUrl')}/core/v1/$clientExtId"
boolean audited = false
-String agovAq100AuthEndpoint = null
+String aq100AuthRestURL = null
String endpoint = null
// 1) create the profile if needed
@@ -79,14 +79,14 @@ if (!Arrays.stream(response.getActualRoles()).filter( r -> r.contains('AGOV-Loi.
LOG.warn("Event='DATAERROR', Requester='${requester}', RequestId='${requestId}', RequestedAq=${requestedAq}, User=${user}, CredentialType='${credentialType}', SourceIp=${sourceIp}, UserAgent='${userAgent}', reason='created missing AGOVaq 100 role'")
audited = true
}
- agovAq100AuthEndpoint = result.getLocation()
+ aq100AuthRestURL = result.getLocation()
}
// 3) set the AQ level 100 verification to None
if (!session['ch.adnovum.nevisidm.userDto'].contains("idVerificationNoneAGOV-Loi,level100")) {
- if (agovAq100AuthEndpoint == null) {
+ if (aq100AuthRestURL == null) {
endpoint = "${baseUrl}/profiles/${profileExtId}/authorizations"
def result = idmRestClient.get(endpoint)
@@ -99,7 +99,7 @@ if (!session['ch.adnovum.nevisidm.userDto'].contains("idVerifi
}
}
- endpoint = "${agovAq100AuthEndpoint}/properties"
+ endpoint = "${aq100AuthRestURL}/properties"
def patchRequest = new HTTPRequestWrapper()
patchRequest.addToHeaders('Content-Type', ['application/json'])
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/env.conf b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/env.conf
index ec91f54..000317d 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/env.conf
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/env.conf
@@ -1,8 +1,8 @@
RTENV_SECURITY_CHECK=no_shell
JAVA_OPTS=(
- "-Dfile.encoding=UTF-8"
"-XX:+UseContainerSupport"
+ "-Dfile.encoding=UTF-8"
"-XX:MaxRAMPercentage=80.0"
"-Djava.net.preferIPv4Stack=true"
"-Djava.net.connectionTimeout=10000"
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/fido2_fetchcaptchainfos.groovy b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/fido2_fetchcaptchainfos.groovy
index e36190c..3a0836b 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/fido2_fetchcaptchainfos.groovy
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/fido2_fetchcaptchainfos.groovy
@@ -1,4 +1,5 @@
import groovy.json.JsonSlurper
+import io.opentelemetry.api.trace.Span
def url = parameters.get('url')
@@ -6,6 +7,12 @@ try {
//TODO/haburger/2024-AUG-20: remove if reCaptcha is not needed anymore
session.remove('agov.fido2.X-ReCAPTCHA-Integration')
+ def spanCtxt = Span.current().getSpanContext()
+
+
+ def traceparent = "00-${spanCtxt.getTraceId()}-${spanCtxt.getSpanId()}-${spanCtxt.getTraceFlags().asHex()}"
+ LOG.error('traceparent: ' + traceparent)
+
def jsonSlurper = new JsonSlurper()
def httpClient = HttpClients.create(parameters)
def httpResponse = Http.get().url(url).build().send(httpClient)
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/otel.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/otel.properties
index db61b17..87fd6ba 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/otel.properties
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/otel.properties
@@ -1,4 +1,4 @@
-otel.service.name=auth
-otel.traces.exporter=none
-otel.metrics.exporter=none
-otel.logs.exporter=none
+otel.service.name = auth
+otel.traces.exporter = none
+otel.metrics.exporter = none
+otel.logs.exporter = none
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/etc/nevis/k8s-fido-uaf-instance-ca92034f995b39fde562293c.yaml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/etc/nevis/k8s-fido-uaf-instance-ca92034f995b39fde562293c.yaml
index 6daf562..5819839 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/etc/nevis/k8s-fido-uaf-instance-ca92034f995b39fde562293c.yaml
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/etc/nevis/k8s-fido-uaf-instance-ca92034f995b39fde562293c.yaml
@@ -28,20 +28,25 @@ spec:
management:
httpGet:
path: "/nevisfido/liveness"
- initialDelaySeconds: 40
- periodSeconds: 30
+ periodSeconds: 5
timeoutSeconds: 6
readinessProbe:
management:
httpGet:
path: "/nevisfido/health"
- initialDelaySeconds: 40
- periodSeconds: 30
+ periodSeconds: 5
timeoutSeconds: 6
+ startupProbe:
+ management:
+ httpGet:
+ path: "/nevisfido/health"
+ periodSeconds: 5
+ timeoutSeconds: 6
+ failureThreshold: 50
podDisruptionBudget:
maxUnavailable: "50%"
git:
- tag: "r-0908e4d0fd3a6d917e38b64e7a6a4c5df57ad551"
+ tag: "r-f0c2fc352ad8e75f5eae1bab7fc80e6315293282"
dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf"
credentials: "git-credentials"
keystores:
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/env.conf b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/env.conf
index d2497d2..573b4f2 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/env.conf
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/env.conf
@@ -2,8 +2,8 @@ RUN_ARGS="--config conf/nevisfido.yml --log-config conf/logging.yml"
JAVA_OPTS=(
"-XX:+UseContainerSupport"
- "-XX:MaxRAMPercentage=80.0"
"-Dignore.me"
+ "-XX:MaxRAMPercentage=80.0"
"-javaagent:/opt/agent/opentelemetry-javaagent.jar"
"-Dotel.javaagent.logging=application"
"-Dotel.javaagent.configuration-file=/var/opt/nevisfido/default/conf/otel.properties"
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/metadata/metadata.json b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/metadata/metadata.json
index eedb085..7a83c28 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/metadata/metadata.json
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/metadata/metadata.json
@@ -91,6 +91,29 @@
"tcDisplay" : 1,
"tcDisplayContentType" : "text/plain"
},
+ {
+ "aaid" : "F1D0#0005",
+ "description" : "Android NEVIS Mobile Authentication Password Authenticator",
+ "assertionScheme" : "UAFV1TLV",
+ "attestationRootCertificates" : [],
+ "attestationTypes" : [ 15880 ],
+ "upv" : [ {
+ "major" : 1,
+ "minor" : 1
+ } ],
+ "userVerificationDetails" : [ [ {
+ "userVerification" : 4
+ } ] ],
+ "attachmentHint" : 1,
+ "authenticationAlgorithm" : 9,
+ "authenticatorVersion" : 1,
+ "isSecondFactorOnly" : false,
+ "keyProtection" : 1,
+ "matcherProtection" : 1,
+ "publicKeyAlgAndEncoding" : 256,
+ "tcDisplay" : 1,
+ "tcDisplayContentType" : "text/plain"
+ },
{
"aaid" : "F1D0#1001",
"description" : "iOS NEVIS Mobile Authentication PIN Authenticator",
@@ -182,5 +205,27 @@
"publicKeyAlgAndEncoding" : 257,
"tcDisplay" : 1,
"tcDisplayContentType" : "text/plain"
- }
-]
\ No newline at end of file
+ },
+ {
+ "aaid" : "F1D0#1005",
+ "description" : "iOS NEVIS Mobile Authentication Password Authenticator",
+ "assertionScheme" : "UAFV1TLV",
+ "attestationRootCertificates" : [],
+ "attestationTypes" : [ 15880 ],
+ "upv" : [ {
+ "major" : 1,
+ "minor" : 1
+ } ],
+ "userVerificationDetails" : [ [ {
+ "userVerification" : 4
+ } ] ],
+ "attachmentHint" : 1,
+ "authenticationAlgorithm" : 2,
+ "authenticatorVersion" : 1,
+ "isSecondFactorOnly" : false,
+ "keyProtection" : 1,
+ "matcherProtection" : 1,
+ "publicKeyAlgAndEncoding" : 257,
+ "tcDisplay" : 1,
+ "tcDisplayContentType" : "text/plain"
+ }]
\ No newline at end of file
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/otel.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/otel.properties
index 3fd0432..b7036e4 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/otel.properties
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/otel.properties
@@ -1,4 +1,4 @@
-otel.service.name=fido-uaf
-otel.traces.exporter=none
-otel.metrics.exporter=none
-otel.logs.exporter=none
+otel.service.name = fido-uaf
+otel.traces.exporter = none
+otel.metrics.exporter = none
+otel.logs.exporter = none
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/etc/nevis/k8s-nevisfido2-087f275433f3973a1421318f.yaml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/etc/nevis/k8s-nevisfido2-087f275433f3973a1421318f.yaml
index 166b78d..7720fdc 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/etc/nevis/k8s-nevisfido2-087f275433f3973a1421318f.yaml
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/etc/nevis/k8s-nevisfido2-087f275433f3973a1421318f.yaml
@@ -28,20 +28,25 @@ spec:
management:
httpGet:
path: "/nevisfido/liveness"
- initialDelaySeconds: 40
- periodSeconds: 30
+ periodSeconds: 5
timeoutSeconds: 6
readinessProbe:
management:
httpGet:
path: "/nevisfido/health"
- initialDelaySeconds: 40
- periodSeconds: 30
+ periodSeconds: 5
timeoutSeconds: 6
+ startupProbe:
+ management:
+ httpGet:
+ path: "/nevisfido/health"
+ periodSeconds: 5
+ timeoutSeconds: 6
+ failureThreshold: 50
podDisruptionBudget:
maxUnavailable: "50%"
git:
- tag: "r-5560b9df58bc00fcf3fc92f29f5f7840af9dbf26"
+ tag: "r-f0c2fc352ad8e75f5eae1bab7fc80e6315293282"
dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2"
credentials: "git-credentials"
keystores:
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/var/opt/nevisfido/default/conf/otel.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/var/opt/nevisfido/default/conf/otel.properties
index 4c09cf3..dad8976 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/var/opt/nevisfido/default/conf/otel.properties
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/var/opt/nevisfido/default/conf/otel.properties
@@ -1,4 +1,4 @@
-otel.service.name=fido2
-otel.traces.exporter=none
-otel.metrics.exporter=none
-otel.logs.exporter=none
+otel.service.name = fido2
+otel.traces.exporter = none
+otel.metrics.exporter = none
+otel.logs.exporter = none
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/etc/nevis/k8s-nevisidm-b8a36646f81c3247cdb5d90b.yaml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/etc/nevis/k8s-nevisidm-b8a36646f81c3247cdb5d90b.yaml
index f5278db..ab22723 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/etc/nevis/k8s-nevisidm-b8a36646f81c3247cdb5d90b.yaml
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/etc/nevis/k8s-nevisidm-b8a36646f81c3247cdb5d90b.yaml
@@ -28,20 +28,25 @@ spec:
management:
httpGet:
path: "/liveness"
- initialDelaySeconds: 40
periodSeconds: 30
timeoutSeconds: 6
readinessProbe:
management:
httpGet:
path: "/health"
- initialDelaySeconds: 40
periodSeconds: 30
timeoutSeconds: 6
+ startupProbe:
+ management:
+ httpGet:
+ path: "/health"
+ periodSeconds: 30
+ timeoutSeconds: 6
+ failureThreshold: 10
podDisruptionBudget:
maxUnavailable: "50%"
git:
- tag: "r-01fcdea9b5e524c965c7f0b885a21df0258ff783"
+ tag: "r-f0c2fc352ad8e75f5eae1bab7fc80e6315293282"
dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm"
credentials: "git-credentials"
keystores:
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/env.conf b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/env.conf
index 84186f1..13dfb9b 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/env.conf
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/env.conf
@@ -1 +1,8 @@
-JAVA_OPTS="-XX:+UseContainerSupport -XX:MaxRAMPercentage=80.0 -javaagent:/opt/agent/opentelemetry-javaagent.jar -Dotel.javaagent.logging=application -Dotel.javaagent.configuration-file=/var/opt/nevisidm/default/conf/otel.properties -Dotel.resource.attributes=service.version=8.2405.1,service.instance.id=$HOSTNAME"
\ No newline at end of file
+JAVA_OPTS=(
+ "-XX:+UseContainerSupport"
+ "-XX:MaxRAMPercentage=80.0"
+ "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
+ "-Dotel.javaagent.logging=application"
+ "-Dotel.javaagent.configuration-file=/var/opt/nevisidm/default/conf/otel.properties"
+ "-Dotel.resource.attributes=service.version=8.2405.1,service.instance.id=$HOSTNAME"
+)
\ No newline at end of file
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties
index 3d262ae..422695e 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties
@@ -89,6 +89,8 @@ server.host=0.0.0.0
# source: pattern://b8a36646f81c3247cdb5d90b
server.tls.enabled=true
# source: pattern://b8a36646f81c3247cdb5d90b
+server.tls.client-auth=requested
+# source: pattern://b8a36646f81c3247cdb5d90b
server.tls.keystore=/var/opt/keys/own/idm-default-identity/keystore.p12
# source: pattern://b8a36646f81c3247cdb5d90b
server.tls.keystore-passphrase=${exec:/var/opt/keys/own/idm-default-identity/keypass}
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/otel.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/otel.properties
index 73cea86..ae663a6 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/otel.properties
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/otel.properties
@@ -1,4 +1,4 @@
-otel.service.name=idm
-otel.traces.exporter=none
-otel.metrics.exporter=none
-otel.logs.exporter=none
+otel.service.name = idm
+otel.traces.exporter = none
+otel.metrics.exporter = none
+otel.logs.exporter = none
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/etc/nevis/k8s-nevislogrend-097929211988398a87bcbb0c.yaml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/etc/nevis/k8s-nevislogrend-097929211988398a87bcbb0c.yaml
index 88d9421..2532005 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/etc/nevis/k8s-nevislogrend-097929211988398a87bcbb0c.yaml
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/etc/nevis/k8s-nevislogrend-097929211988398a87bcbb0c.yaml
@@ -28,19 +28,23 @@ spec:
management:
httpGet:
path: "/nevislogrend/liveness"
- initialDelaySeconds: 40
- periodSeconds: 30
+ periodSeconds: 5
timeoutSeconds: 6
readinessProbe:
server:
tcpSocket: true
- initialDelaySeconds: 40
- periodSeconds: 20
+ periodSeconds: 5
timeoutSeconds: 4
+ startupProbe:
+ server:
+ tcpSocket: true
+ periodSeconds: 5
+ timeoutSeconds: 4
+ failureThreshold: 50
podDisruptionBudget:
maxUnavailable: "50%"
git:
- tag: "r-0908e4d0fd3a6d917e38b64e7a6a4c5df57ad551"
+ tag: "r-f0c2fc352ad8e75f5eae1bab7fc80e6315293282"
dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend"
credentials: "git-credentials"
podSecurity:
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/conf/env.conf b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/conf/env.conf
index 7c9bfaa..1e7049e 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/conf/env.conf
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/conf/env.conf
@@ -4,8 +4,8 @@ RTENV_SECURITY_CHECK=no_shell
LOGREND_DEPLOY_TYPE=standalone
JAVA_OPTS=(
- "-Dfile.encoding=UTF-8"
"-XX:+UseContainerSupport"
+ "-Dfile.encoding=UTF-8"
"-XX:MaxRAMPercentage=80.0"
"-javaagent:/opt/agent/opentelemetry-javaagent.jar"
"-Dotel.javaagent.logging=application"
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/conf/otel.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/conf/otel.properties
index 010a13d..38c0aa7 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/conf/otel.properties
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/conf/otel.properties
@@ -1,4 +1,4 @@
-otel.service.name=logrend
-otel.traces.exporter=none
-otel.metrics.exporter=none
-otel.logs.exporter=none
+otel.service.name = logrend
+otel.traces.exporter = none
+otel.metrics.exporter = none
+otel.logs.exporter = none
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/resources/conf/text_it.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/resources/conf/text_it.properties
index 3867333..2340578 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/resources/conf/text_it.properties
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/resources/conf/text_it.properties
@@ -135,10 +135,10 @@ prompt.newpassword=Nuova Password
prompt.newpassword.confirm=Conferma password
prompt.password=Password
prompt.userid=Nome utente
-pwreset.done.info=Your password was successfully changed. Please click on continue to log in.
+pwreset.done.info=La password è stata modificata con successo. Fare clic su continua per accedere.
pwreset.email.sent=Se il vostro ID utente esiste, vi è stata inviata un'e-mail per reimpostare la password.
-pwreset.info.linktext=Password forgotten
-pwreset.noticket=Your password reset ticket is no longer valid. Please generate a new one.
+pwreset.info.linktext=Password dimenticata
+pwreset.noticket=Il biglietto per la reimpostazione della password non è più valido. Si prega di generarne uno nuovo.
recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV già registrata
recovery_accessapp_auth.instruction1=Ha già registrato una nuova app di accesso AGOV !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione.
@@ -202,7 +202,7 @@ recovery_start_info.title=Il processo di ripristino sta per iniziare.
title=NEVIS SSO Portal
title.login=Login
title.pwchange.label=Cambiare Password
-title.pwreset=Password Forgotten
+title.pwreset=Password Dimenticata
user_input.invalid.email=Inserire un'e-mail valida.
user_input.invalid.email.required=Campo obbligatorio
user_input.invalid.email.tooLong=Il testo inserito è troppo lungo.
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Mobile_FIDO_UAF/resources/conf/text_it.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Mobile_FIDO_UAF/resources/conf/text_it.properties
index 3867333..2340578 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Mobile_FIDO_UAF/resources/conf/text_it.properties
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Mobile_FIDO_UAF/resources/conf/text_it.properties
@@ -135,10 +135,10 @@ prompt.newpassword=Nuova Password
prompt.newpassword.confirm=Conferma password
prompt.password=Password
prompt.userid=Nome utente
-pwreset.done.info=Your password was successfully changed. Please click on continue to log in.
+pwreset.done.info=La password è stata modificata con successo. Fare clic su continua per accedere.
pwreset.email.sent=Se il vostro ID utente esiste, vi è stata inviata un'e-mail per reimpostare la password.
-pwreset.info.linktext=Password forgotten
-pwreset.noticket=Your password reset ticket is no longer valid. Please generate a new one.
+pwreset.info.linktext=Password dimenticata
+pwreset.noticket=Il biglietto per la reimpostazione della password non è più valido. Si prega di generarne uno nuovo.
recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV già registrata
recovery_accessapp_auth.instruction1=Ha già registrato una nuova app di accesso AGOV !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione.
@@ -202,7 +202,7 @@ recovery_start_info.title=Il processo di ripristino sta per iniziare.
title=NEVIS SSO Portal
title.login=Login
title.pwchange.label=Cambiare Password
-title.pwreset=Password Forgotten
+title.pwreset=Password Dimenticata
user_input.invalid.email=Inserire un'e-mail valida.
user_input.invalid.email.required=Campo obbligatorio
user_input.invalid.email.tooLong=Il testo inserito è troppo lungo.
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Recovery/resources/conf/text_it.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Recovery/resources/conf/text_it.properties
index 3867333..2340578 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Recovery/resources/conf/text_it.properties
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Recovery/resources/conf/text_it.properties
@@ -135,10 +135,10 @@ prompt.newpassword=Nuova Password
prompt.newpassword.confirm=Conferma password
prompt.password=Password
prompt.userid=Nome utente
-pwreset.done.info=Your password was successfully changed. Please click on continue to log in.
+pwreset.done.info=La password è stata modificata con successo. Fare clic su continua per accedere.
pwreset.email.sent=Se il vostro ID utente esiste, vi è stata inviata un'e-mail per reimpostare la password.
-pwreset.info.linktext=Password forgotten
-pwreset.noticket=Your password reset ticket is no longer valid. Please generate a new one.
+pwreset.info.linktext=Password dimenticata
+pwreset.noticket=Il biglietto per la reimpostazione della password non è più valido. Si prega di generarne uno nuovo.
recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV già registrata
recovery_accessapp_auth.instruction1=Ha già registrato una nuova app di accesso AGOV !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione.
@@ -202,7 +202,7 @@ recovery_start_info.title=Il processo di ripristino sta per iniziare.
title=NEVIS SSO Portal
title.login=Login
title.pwchange.label=Cambiare Password
-title.pwreset=Password Forgotten
+title.pwreset=Password Dimenticata
user_input.invalid.email=Inserire un'e-mail valida.
user_input.invalid.email.required=Campo obbligatorio
user_input.invalid.email.tooLong=Il testo inserito è troppo lungo.
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/NotUsed_Auth_Realm/resources/conf/text_it.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/NotUsed_Auth_Realm/resources/conf/text_it.properties
index 3867333..2340578 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/NotUsed_Auth_Realm/resources/conf/text_it.properties
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/NotUsed_Auth_Realm/resources/conf/text_it.properties
@@ -135,10 +135,10 @@ prompt.newpassword=Nuova Password
prompt.newpassword.confirm=Conferma password
prompt.password=Password
prompt.userid=Nome utente
-pwreset.done.info=Your password was successfully changed. Please click on continue to log in.
+pwreset.done.info=La password è stata modificata con successo. Fare clic su continua per accedere.
pwreset.email.sent=Se il vostro ID utente esiste, vi è stata inviata un'e-mail per reimpostare la password.
-pwreset.info.linktext=Password forgotten
-pwreset.noticket=Your password reset ticket is no longer valid. Please generate a new one.
+pwreset.info.linktext=Password dimenticata
+pwreset.noticket=Il biglietto per la reimpostazione della password non è più valido. Si prega di generarne uno nuovo.
recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV già registrata
recovery_accessapp_auth.instruction1=Ha già registrato una nuova app di accesso AGOV !!!SECURITY_KEY_NAME!!! come parte del processo di recupero.
recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione.
@@ -202,7 +202,7 @@ recovery_start_info.title=Il processo di ripristino sta per iniziare.
title=NEVIS SSO Portal
title.login=Login
title.pwchange.label=Cambiare Password
-title.pwreset=Password Forgotten
+title.pwreset=Password Dimenticata
user_input.invalid.email=Inserire un'e-mail valida.
user_input.invalid.email.required=Campo obbligatorio
user_input.invalid.email.tooLong=Il testo inserito è troppo lungo.
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/etc/nevis/k8s-nevisproxy-idp-0ceb05c56644a59d648c13b9.yaml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/etc/nevis/k8s-nevisproxy-idp-0ceb05c56644a59d648c13b9.yaml
index fb9cb67..113a4f9 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/etc/nevis/k8s-nevisproxy-idp-0ceb05c56644a59d648c13b9.yaml
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/etc/nevis/k8s-nevisproxy-idp-0ceb05c56644a59d648c13b9.yaml
@@ -28,20 +28,25 @@ spec:
management:
httpGet:
path: "/liveness"
- initialDelaySeconds: 40
- periodSeconds: 30
+ periodSeconds: 5
timeoutSeconds: 6
readinessProbe:
management:
httpGet:
path: "/readiness"
- initialDelaySeconds: 40
- periodSeconds: 30
+ periodSeconds: 5
timeoutSeconds: 6
+ startupProbe:
+ management:
+ httpGet:
+ path: "/readiness"
+ periodSeconds: 5
+ timeoutSeconds: 6
+ failureThreshold: 50
podDisruptionBudget:
maxUnavailable: "50%"
git:
- tag: "r-76a9542c5c919177c7b3c1903a1140c1e7274683"
+ tag: "r-f0c2fc352ad8e75f5eae1bab7fc80e6315293282"
dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp"
credentials: "git-credentials"
keystores:
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/var/opt/nevisproxy/default/conf/navajo.xml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/var/opt/nevisproxy/default/conf/navajo.xml
index 5247c3a..a7cd351 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/var/opt/nevisproxy/default/conf/navajo.xml
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/var/opt/nevisproxy/default/conf/navajo.xml
@@ -8,7 +8,7 @@
-
+
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/var/opt/nevisproxy/default/host-auth.agov-w.azure.adnovum.net/WEB-INF/web.xml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/var/opt/nevisproxy/default/host-auth.agov-w.azure.adnovum.net/WEB-INF/web.xml
index 8e132a2..0cff26d 100644
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/var/opt/nevisproxy/default/host-auth.agov-w.azure.adnovum.net/WEB-INF/web.xml
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/var/opt/nevisproxy/default/host-auth.agov-w.azure.adnovum.net/WEB-INF/web.xml
@@ -652,8 +652,8 @@
- StateKey
- Auth_Realm_Mobile_FIDO_UAF
+ StoreInterceptedRequest
+ false
@@ -692,8 +692,8 @@
- StateKey
- NotUsed_Auth_Realm
+ StoreInterceptedRequest
+ false