From 5c5bb5179559a62b9c392e6244dbfa8dadec8e10 Mon Sep 17 00:00:00 2001 From: haburger Date: Wed, 4 Sep 2024 08:38:53 +0000 Subject: [PATCH] new configuration version --- ...evisauth-sts-4bad2fe3ccc54716cc87138f.yaml | 15 ++++-- .../var/opt/nevisauth/default/conf/env.conf | 2 +- .../nevisauth/default/conf/otel.properties | 8 +-- ...8s-nevisauth-7022472ae407577ae604bbb8.yaml | 15 ++++-- .../default/conf/LitDict_it.properties | 8 +-- .../default/conf/ensureAccountState.groovy | 8 +-- .../var/opt/nevisauth/default/conf/env.conf | 2 +- .../conf/fido2_fetchcaptchainfos.groovy | 7 +++ .../nevisauth/default/conf/otel.properties | 8 +-- ...uaf-instance-ca92034f995b39fde562293c.yaml | 15 ++++-- .../var/opt/nevisfido/default/conf/env.conf | 2 +- .../default/conf/metadata/metadata.json | 49 ++++++++++++++++++- .../nevisfido/default/conf/otel.properties | 8 +-- ...s-nevisfido2-087f275433f3973a1421318f.yaml | 15 ++++-- .../nevisfido/default/conf/otel.properties | 8 +-- ...k8s-nevisidm-b8a36646f81c3247cdb5d90b.yaml | 11 +++-- .../var/opt/nevisidm/default/conf/env.conf | 9 +++- .../default/conf/nevisidm-prod.properties | 2 + .../opt/nevisidm/default/conf/otel.properties | 8 +-- ...nevislogrend-097929211988398a87bcbb0c.yaml | 14 ++++-- .../opt/nevislogrend/default/conf/env.conf | 2 +- .../nevislogrend/default/conf/otel.properties | 8 +-- .../resources/conf/text_it.properties | 8 +-- .../resources/conf/text_it.properties | 8 +-- .../resources/conf/text_it.properties | 8 +-- .../resources/conf/text_it.properties | 8 +-- ...visproxy-idp-0ceb05c56644a59d648c13b9.yaml | 15 ++++-- .../opt/nevisproxy/default/conf/navajo.xml | 2 +- .../WEB-INF/web.xml | 8 +-- 29 files changed, 188 insertions(+), 93 deletions(-) diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/etc/nevis/k8s-nevisauth-sts-4bad2fe3ccc54716cc87138f.yaml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/etc/nevis/k8s-nevisauth-sts-4bad2fe3ccc54716cc87138f.yaml index 5ee39ff..43163e4 100644 
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/etc/nevis/k8s-nevisauth-sts-4bad2fe3ccc54716cc87138f.yaml +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/etc/nevis/k8s-nevisauth-sts-4bad2fe3ccc54716cc87138f.yaml @@ -27,20 +27,25 @@ spec: livenessProbe: soap: tcpSocket: true - initialDelaySeconds: 40 - periodSeconds: 20 + periodSeconds: 5 timeoutSeconds: 4 readinessProbe: management: httpGet: path: "/nevisauth/liveness" - initialDelaySeconds: 40 - periodSeconds: 30 + periodSeconds: 5 timeoutSeconds: 6 + startupProbe: + management: + httpGet: + path: "/nevisauth/liveness" + periodSeconds: 5 + timeoutSeconds: 6 + failureThreshold: 50 podDisruptionBudget: maxUnavailable: "50%" git: - tag: "r-0908e4d0fd3a6d917e38b64e7a6a4c5df57ad551" + tag: "r-f0c2fc352ad8e75f5eae1bab7fc80e6315293282" dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts" credentials: "git-credentials" keystores: diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/env.conf b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/env.conf index 09ae031..5cd92a4 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/env.conf +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/env.conf @@ -1,8 +1,8 @@ RTENV_SECURITY_CHECK=no_shell JAVA_OPTS=( - "-Dfile.encoding=UTF-8" "-XX:+UseContainerSupport" + "-Dfile.encoding=UTF-8" "-XX:MaxRAMPercentage=80.0" "-Djava.net.preferIPv4Stack=true" "-Djava.net.connectionTimeout=10000" diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/otel.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/otel.properties index 67787db..5ba3ee1 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/otel.properties 
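Review bot: The readiness probe and the new startup probe set `timeoutSeconds: 6` with `periodSeconds: 5`, so a single slow response can outlast the probe interval. Either lower the timeout below the period (`timeoutSeconds: 4`, as the liveness probe here already has) or keep a longer period. The same combination appears in the auth, fido-uaf, fido2, logrend (liveness) and proxy-idp manifests of this patch. With `initialDelaySeconds` removed, the 5 s liveness probe relies on the startup probe's budget of about 50 × 5 s, and liveness and readiness set no `failureThreshold`, so the operator's default decides how quickly an authentication pod is restarted under load. These manifests look generated, so the change probably belongs in the deployment pattern rather than in this file.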
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth-sts/var/opt/nevisauth/default/conf/otel.properties @@ -1,4 +1,4 @@ -otel.service.name=auth-sts -otel.traces.exporter=none -otel.metrics.exporter=none -otel.logs.exporter=none +otel.service.name = auth-sts +otel.traces.exporter = none +otel.metrics.exporter = none +otel.logs.exporter = none diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/etc/nevis/k8s-nevisauth-7022472ae407577ae604bbb8.yaml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/etc/nevis/k8s-nevisauth-7022472ae407577ae604bbb8.yaml index 2c37e64..8045ba2 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/etc/nevis/k8s-nevisauth-7022472ae407577ae604bbb8.yaml +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/etc/nevis/k8s-nevisauth-7022472ae407577ae604bbb8.yaml @@ -27,20 +27,25 @@ spec: livenessProbe: soap: tcpSocket: true - initialDelaySeconds: 40 - periodSeconds: 20 + periodSeconds: 5 timeoutSeconds: 4 readinessProbe: management: httpGet: path: "/nevisauth/liveness" - initialDelaySeconds: 40 - periodSeconds: 30 + periodSeconds: 5 timeoutSeconds: 6 + startupProbe: + management: + httpGet: + path: "/nevisauth/liveness" + periodSeconds: 5 + timeoutSeconds: 6 + failureThreshold: 50 podDisruptionBudget: maxUnavailable: "50%" git: - tag: "r-c4c1f2eb61e336e26717c009903d54a57e35f485" + tag: "r-f0c2fc352ad8e75f5eae1bab7fc80e6315293282" dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth" credentials: "git-credentials" keystores: diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/LitDict_it.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/LitDict_it.properties index fa264b3..f55e3bb 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/LitDict_it.properties +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/LitDict_it.properties 
@@ -185,10 +185,10 @@ prompt.newpassword=Nuova Password prompt.newpassword.confirm=Conferma password prompt.password=Password prompt.userid=Nome utente -pwreset.done.info=Your password was successfully changed. Please click on continue to log in. +pwreset.done.info=La password è stata modificata con successo. Fare clic su continua per accedere. pwreset.email.sent=Se il vostro ID utente esiste, vi è stata inviata un'e-mail per reimpostare la password. -pwreset.info.linktext=Password forgotten -pwreset.noticket=Your password reset ticket is no longer valid. Please generate a new one. +pwreset.info.linktext=Password dimenticata +pwreset.noticket=Il biglietto per la reimpostazione della password non è più valido. Si prega di generarne uno nuovo. recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV già registrata recovery_accessapp_auth.instruction1=Ha già registrato una nuova app di accesso AGOV !!!SECURITY_KEY_NAME!!! come parte del processo di recupero. recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione. @@ -258,7 +258,7 @@ title.logout.confirmation=Logout title.logout.reminder=Logout title.oauth.consent=Autorizzazione del client title.pwchange.label=Cambiare Password -title.pwreset=Password Forgotten +title.pwreset=Password Dimenticata title.saml.failed=Error title.timeout.page=Logout user_input.invalid.email=Inserire un'e-mail valida. diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/ensureAccountState.groovy b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/ensureAccountState.groovy index 391afdb..b8c189b 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/ensureAccountState.groovy +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/ensureAccountState.groovy 
@@ -26,7 +26,7 @@ String level100RoleExtid = parameters.get('level100.roleExtid') String baseUrl = "${parameters.get('idm.baseUrl')}/core/v1/$clientExtId" boolean audited = false -String agovAq100AuthEndpoint = null +String aq100AuthRestURL = null String endpoint = null // 1) create the profile if needed @@ -79,14 +79,14 @@ if (!Arrays.stream(response.getActualRoles()).filter( r -> r.contains('AGOV-Loi. LOG.warn("Event='DATAERROR', Requester='${requester}', RequestId='${requestId}', RequestedAq=${requestedAq}, User=${user}, CredentialType='${credentialType}', SourceIp=${sourceIp}, UserAgent='${userAgent}', reason='created missing AGOVaq 100 role'") audited = true } - agovAq100AuthEndpoint = result.getLocation() + aq100AuthRestURL = result.getLocation() } // 3) set the AQ level 100 verification to None if (!session['ch.adnovum.nevisidm.userDto'].contains("idVerificationNoneAGOV-Loi,level100")) { - if (agovAq100AuthEndpoint == null) { + if (aq100AuthRestURL == null) { endpoint = "${baseUrl}/profiles/${profileExtId}/authorizations" def result = idmRestClient.get(endpoint) @@ -99,7 +99,7 @@ if (!session['ch.adnovum.nevisidm.userDto'].contains("idVerifi } } - endpoint = "${agovAq100AuthEndpoint}/properties" + endpoint = "${aq100AuthRestURL}/properties" def patchRequest = new HTTPRequestWrapper() patchRequest.addToHeaders('Content-Type', ['application/json']) diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/env.conf b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/env.conf index ec91f54..000317d 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/env.conf +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/env.conf 
@@ -1,8 +1,8 @@ RTENV_SECURITY_CHECK=no_shell JAVA_OPTS=( - "-Dfile.encoding=UTF-8" "-XX:+UseContainerSupport" + "-Dfile.encoding=UTF-8" "-XX:MaxRAMPercentage=80.0" "-Djava.net.preferIPv4Stack=true" "-Djava.net.connectionTimeout=10000" diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/fido2_fetchcaptchainfos.groovy b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/fido2_fetchcaptchainfos.groovy index e36190c..3a0836b 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/fido2_fetchcaptchainfos.groovy +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/fido2_fetchcaptchainfos.groovy @@ -1,4 +1,5 @@ import groovy.json.JsonSlurper +import io.opentelemetry.api.trace.Span def url = parameters.get('url') @@ -6,6 +7,12 @@ try { //TODO/haburger/2024-AUG-20: remove if reCaptcha is not needed anymore session.remove('agov.fido2.X-ReCAPTCHA-Integration') + def spanCtxt = Span.current().getSpanContext() + + + def traceparent = "00-${spanCtxt.getTraceId()}-${spanCtxt.getSpanId()}-${spanCtxt.getTraceFlags().asHex()}" + LOG.error('traceparent: ' + traceparent) + def jsonSlurper = new JsonSlurper() def httpClient = HttpClients.create(parameters) def httpResponse = Http.get().url(url).build().send(httpClient) diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/otel.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/otel.properties index db61b17..87fd6ba 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/otel.properties +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth/var/opt/nevisauth/default/conf/otel.properties 
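Review bot: `LOG.error('traceparent: ' + traceparent)` in fido2_fetchcaptchainfos.groovy writes a diagnostic value at ERROR level on every run of the script, which will trip error-based alerting and bury real failures of this authentication step. It should be `LOG.debug("traceparent: ${traceparent}")`, or be removed once the tracing experiment is done. In the visible lines the computed `traceparent` is never attached to the outgoing `Http.get().url(url)` request, so it is currently used only for the log line. If propagation to the captcha endpoint is the goal, set it as a request header there and confirm the OpenTelemetry javaagent configured in env.conf does not already inject one. The `try` block continues outside the hunk, so whether the value is used further down cannot be seen from here.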
@@ -1,4 +1,4 @@ -otel.service.name=auth -otel.traces.exporter=none -otel.metrics.exporter=none -otel.logs.exporter=none +otel.service.name = auth +otel.traces.exporter = none +otel.metrics.exporter = none +otel.logs.exporter = none diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/etc/nevis/k8s-fido-uaf-instance-ca92034f995b39fde562293c.yaml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/etc/nevis/k8s-fido-uaf-instance-ca92034f995b39fde562293c.yaml index 6daf562..5819839 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/etc/nevis/k8s-fido-uaf-instance-ca92034f995b39fde562293c.yaml +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/etc/nevis/k8s-fido-uaf-instance-ca92034f995b39fde562293c.yaml @@ -28,20 +28,25 @@ spec: management: httpGet: path: "/nevisfido/liveness" - initialDelaySeconds: 40 - periodSeconds: 30 + periodSeconds: 5 timeoutSeconds: 6 readinessProbe: management: httpGet: path: "/nevisfido/health" - initialDelaySeconds: 40 - periodSeconds: 30 + periodSeconds: 5 timeoutSeconds: 6 + startupProbe: + management: + httpGet: + path: "/nevisfido/health" + periodSeconds: 5 + timeoutSeconds: 6 + failureThreshold: 50 podDisruptionBudget: maxUnavailable: "50%" git: - tag: "r-0908e4d0fd3a6d917e38b64e7a6a4c5df57ad551" + tag: "r-f0c2fc352ad8e75f5eae1bab7fc80e6315293282" dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf" credentials: "git-credentials" keystores: diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/env.conf b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/env.conf index d2497d2..573b4f2 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/env.conf +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/env.conf 
@@ -2,8 +2,8 @@ RUN_ARGS="--config conf/nevisfido.yml --log-config conf/logging.yml" JAVA_OPTS=( "-XX:+UseContainerSupport" - "-XX:MaxRAMPercentage=80.0" "-Dignore.me" + "-XX:MaxRAMPercentage=80.0" "-javaagent:/opt/agent/opentelemetry-javaagent.jar" "-Dotel.javaagent.logging=application" "-Dotel.javaagent.configuration-file=/var/opt/nevisfido/default/conf/otel.properties" diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/metadata/metadata.json b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/metadata/metadata.json index eedb085..7a83c28 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/metadata/metadata.json +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/metadata/metadata.json @@ -91,6 +91,29 @@ "tcDisplay" : 1, "tcDisplayContentType" : "text/plain" }, + { + "aaid" : "F1D0#0005", + "description" : "Android NEVIS Mobile Authentication Password Authenticator", + "assertionScheme" : "UAFV1TLV", + "attestationRootCertificates" : [], + "attestationTypes" : [ 15880 ], + "upv" : [ { + "major" : 1, + "minor" : 1 + } ], + "userVerificationDetails" : [ [ { + "userVerification" : 4 + } ] ], + "attachmentHint" : 1, + "authenticationAlgorithm" : 9, + "authenticatorVersion" : 1, + "isSecondFactorOnly" : false, + "keyProtection" : 1, + "matcherProtection" : 1, + "publicKeyAlgAndEncoding" : 256, + "tcDisplay" : 1, + "tcDisplayContentType" : "text/plain" + }, { "aaid" : "F1D0#1001", "description" : "iOS NEVIS Mobile Authentication PIN Authenticator", 
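Review bot: Both new password-authenticator entries (`F1D0#0005` in this hunk and `F1D0#1005` in the second metadata.json hunk) are accepted with `"attestationRootCertificates" : []` and attestation type 15880, which in the FIDO registry is surrogate (self-signed) basic attestation. The server therefore has no cryptographic way to tell the genuine app from any client that claims these AAIDs. Combined with `"keyProtection" : 1` and `"matcherProtection" : 1` (software) and `"userVerification" : 4` (passcode), this is a weaker factor than a hardware-backed one, so it is worth confirming that the authentication policy admits these AAIDs only where a password-level factor is acceptable. The Android entry also pairs `"authenticationAlgorithm" : 9` with `"publicKeyAlgAndEncoding" : 256`, which by the registry values would appear to be an RSA signature scheme with an ECC key encoding; please check it against the vendor-supplied metadata. The second hunk also folds the closing `}` and `]` onto one line and leaves the file without a trailing newline.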
@@ -182,5 +205,27 @@ "publicKeyAlgAndEncoding" : 257, "tcDisplay" : 1, "tcDisplayContentType" : "text/plain" - } -] \ No newline at end of file + }, + { + "aaid" : "F1D0#1005", + "description" : "iOS NEVIS Mobile Authentication Password Authenticator", + "assertionScheme" : "UAFV1TLV", + "attestationRootCertificates" : [], + "attestationTypes" : [ 15880 ], + "upv" : [ { + "major" : 1, + "minor" : 1 + } ], + "userVerificationDetails" : [ [ { + "userVerification" : 4 + } ] ], + "attachmentHint" : 1, + "authenticationAlgorithm" : 2, + "authenticatorVersion" : 1, + "isSecondFactorOnly" : false, + "keyProtection" : 1, + "matcherProtection" : 1, + "publicKeyAlgAndEncoding" : 257, + "tcDisplay" : 1, + "tcDisplayContentType" : "text/plain" + }] \ No newline at end of file diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/otel.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/otel.properties index 3fd0432..b7036e4 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/otel.properties +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido-uaf/var/opt/nevisfido/default/conf/otel.properties @@ -1,4 +1,4 @@ -otel.service.name=fido-uaf -otel.traces.exporter=none -otel.metrics.exporter=none -otel.logs.exporter=none +otel.service.name = fido-uaf +otel.traces.exporter = none +otel.metrics.exporter = none +otel.logs.exporter = none diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/etc/nevis/k8s-nevisfido2-087f275433f3973a1421318f.yaml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/etc/nevis/k8s-nevisfido2-087f275433f3973a1421318f.yaml index 166b78d..7720fdc 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/etc/nevis/k8s-nevisfido2-087f275433f3973a1421318f.yaml +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/etc/nevis/k8s-nevisfido2-087f275433f3973a1421318f.yaml 
@@ -28,20 +28,25 @@ spec: management: httpGet: path: "/nevisfido/liveness" - initialDelaySeconds: 40 - periodSeconds: 30 + periodSeconds: 5 timeoutSeconds: 6 readinessProbe: management: httpGet: path: "/nevisfido/health" - initialDelaySeconds: 40 - periodSeconds: 30 + periodSeconds: 5 timeoutSeconds: 6 + startupProbe: + management: + httpGet: + path: "/nevisfido/health" + periodSeconds: 5 + timeoutSeconds: 6 + failureThreshold: 50 podDisruptionBudget: maxUnavailable: "50%" git: - tag: "r-5560b9df58bc00fcf3fc92f29f5f7840af9dbf26" + tag: "r-f0c2fc352ad8e75f5eae1bab7fc80e6315293282" dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2" credentials: "git-credentials" keystores: diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/var/opt/nevisfido/default/conf/otel.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/var/opt/nevisfido/default/conf/otel.properties index 4c09cf3..dad8976 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/var/opt/nevisfido/default/conf/otel.properties +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/fido2/var/opt/nevisfido/default/conf/otel.properties @@ -1,4 +1,4 @@ -otel.service.name=fido2 -otel.traces.exporter=none -otel.metrics.exporter=none -otel.logs.exporter=none +otel.service.name = fido2 +otel.traces.exporter = none +otel.metrics.exporter = none +otel.logs.exporter = none diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/etc/nevis/k8s-nevisidm-b8a36646f81c3247cdb5d90b.yaml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/etc/nevis/k8s-nevisidm-b8a36646f81c3247cdb5d90b.yaml index f5278db..ab22723 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/etc/nevis/k8s-nevisidm-b8a36646f81c3247cdb5d90b.yaml +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/etc/nevis/k8s-nevisidm-b8a36646f81c3247cdb5d90b.yaml 
@@ -28,20 +28,25 @@ spec: management: httpGet: path: "/liveness" - initialDelaySeconds: 40 periodSeconds: 30 timeoutSeconds: 6 readinessProbe: management: httpGet: path: "/health" - initialDelaySeconds: 40 periodSeconds: 30 timeoutSeconds: 6 + startupProbe: + management: + httpGet: + path: "/health" + periodSeconds: 30 + timeoutSeconds: 6 + failureThreshold: 10 podDisruptionBudget: maxUnavailable: "50%" git: - tag: "r-01fcdea9b5e524c965c7f0b885a21df0258ff783" + tag: "r-f0c2fc352ad8e75f5eae1bab7fc80e6315293282" dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm" credentials: "git-credentials" keystores: diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/env.conf b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/env.conf index 84186f1..13dfb9b 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/env.conf +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/env.conf @@ -1 +1,8 @@ -JAVA_OPTS="-XX:+UseContainerSupport -XX:MaxRAMPercentage=80.0 -javaagent:/opt/agent/opentelemetry-javaagent.jar -Dotel.javaagent.logging=application -Dotel.javaagent.configuration-file=/var/opt/nevisidm/default/conf/otel.properties -Dotel.resource.attributes=service.version=8.2405.1,service.instance.id=$HOSTNAME" \ No newline at end of file +JAVA_OPTS=( + "-XX:+UseContainerSupport" + "-XX:MaxRAMPercentage=80.0" + "-javaagent:/opt/agent/opentelemetry-javaagent.jar" + "-Dotel.javaagent.logging=application" + "-Dotel.javaagent.configuration-file=/var/opt/nevisidm/default/conf/otel.properties" + "-Dotel.resource.attributes=service.version=8.2405.1,service.instance.id=$HOSTNAME" +) \ No newline at end of file 
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties index 3d262ae..422695e 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties @@ -89,6 +89,8 @@ server.host=0.0.0.0 # source: pattern://b8a36646f81c3247cdb5d90b server.tls.enabled=true # source: pattern://b8a36646f81c3247cdb5d90b +server.tls.client-auth=requested +# source: pattern://b8a36646f81c3247cdb5d90b server.tls.keystore=/var/opt/keys/own/idm-default-identity/keystore.p12 # source: pattern://b8a36646f81c3247cdb5d90b server.tls.keystore-passphrase=${exec:/var/opt/keys/own/idm-default-identity/keypass} diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/otel.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/otel.properties index 73cea86..ae663a6 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/otel.properties +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/idm/var/opt/nevisidm/default/conf/otel.properties @@ -1,4 +1,4 @@ -otel.service.name=idm -otel.traces.exporter=none -otel.metrics.exporter=none -otel.logs.exporter=none +otel.service.name = idm +otel.traces.exporter = none +otel.metrics.exporter = none +otel.logs.exporter = none diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/etc/nevis/k8s-nevislogrend-097929211988398a87bcbb0c.yaml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/etc/nevis/k8s-nevislogrend-097929211988398a87bcbb0c.yaml index 88d9421..2532005 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/etc/nevis/k8s-nevislogrend-097929211988398a87bcbb0c.yaml 
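Review bot: `server.tls.client-auth=requested` in nevisidm-prod.properties only asks the peer for a client certificate. As the value name suggests, a connection that presents none is presumably still accepted, so this line alone does not enforce mutual TLS on the listener bound to `server.host=0.0.0.0`. If every caller of nevisIDM is expected to authenticate with a certificate, use the mandatory setting, provided the product offers one; otherwise add a comment such as `# client cert optional: unauthenticated callers are rejected at application level` so the intent is explicit. No truststore setting is visible in this hunk, so which CAs a presented certificate is validated against cannot be checked from here. The `# source: pattern://` markers indicate the file is generated, so the change would have to be made in the pattern.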
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/etc/nevis/k8s-nevislogrend-097929211988398a87bcbb0c.yaml @@ -28,19 +28,23 @@ spec: management: httpGet: path: "/nevislogrend/liveness" - initialDelaySeconds: 40 - periodSeconds: 30 + periodSeconds: 5 timeoutSeconds: 6 readinessProbe: server: tcpSocket: true - initialDelaySeconds: 40 - periodSeconds: 20 + periodSeconds: 5 timeoutSeconds: 4 + startupProbe: + server: + tcpSocket: true + periodSeconds: 5 + timeoutSeconds: 4 + failureThreshold: 50 podDisruptionBudget: maxUnavailable: "50%" git: - tag: "r-0908e4d0fd3a6d917e38b64e7a6a4c5df57ad551" + tag: "r-f0c2fc352ad8e75f5eae1bab7fc80e6315293282" dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend" credentials: "git-credentials" podSecurity: diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/conf/env.conf b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/conf/env.conf index 7c9bfaa..1e7049e 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/conf/env.conf +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/conf/env.conf @@ -4,8 +4,8 @@ RTENV_SECURITY_CHECK=no_shell LOGREND_DEPLOY_TYPE=standalone JAVA_OPTS=( - "-Dfile.encoding=UTF-8" "-XX:+UseContainerSupport" + "-Dfile.encoding=UTF-8" "-XX:MaxRAMPercentage=80.0" "-javaagent:/opt/agent/opentelemetry-javaagent.jar" "-Dotel.javaagent.logging=application" diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/conf/otel.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/conf/otel.properties index 010a13d..38c0aa7 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/conf/otel.properties +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/conf/otel.properties 
@@ -1,4 +1,4 @@ -otel.service.name=logrend -otel.traces.exporter=none -otel.metrics.exporter=none -otel.logs.exporter=none +otel.service.name = logrend +otel.traces.exporter = none +otel.metrics.exporter = none +otel.logs.exporter = none diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/resources/conf/text_it.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/resources/conf/text_it.properties index 3867333..2340578 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/resources/conf/text_it.properties +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Main_IDP/resources/conf/text_it.properties @@ -135,10 +135,10 @@ prompt.newpassword=Nuova Password prompt.newpassword.confirm=Conferma password prompt.password=Password prompt.userid=Nome utente -pwreset.done.info=Your password was successfully changed. Please click on continue to log in. +pwreset.done.info=La password è stata modificata con successo. Fare clic su continua per accedere. pwreset.email.sent=Se il vostro ID utente esiste, vi è stata inviata un'e-mail per reimpostare la password. -pwreset.info.linktext=Password forgotten -pwreset.noticket=Your password reset ticket is no longer valid. Please generate a new one. +pwreset.info.linktext=Password dimenticata +pwreset.noticket=Il biglietto per la reimpostazione della password non è più valido. Si prega di generarne uno nuovo. recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV già registrata recovery_accessapp_auth.instruction1=Ha già registrato una nuova app di accesso AGOV !!!SECURITY_KEY_NAME!!! come parte del processo di recupero. recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione. 
@@ -202,7 +202,7 @@ recovery_start_info.title=Il processo di ripristino sta per iniziare. title=NEVIS SSO Portal title.login=Login title.pwchange.label=Cambiare Password -title.pwreset=Password Forgotten +title.pwreset=Password Dimenticata user_input.invalid.email=Inserire un'e-mail valida. user_input.invalid.email.required=Campo obbligatorio user_input.invalid.email.tooLong=Il testo inserito è troppo lungo. diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Mobile_FIDO_UAF/resources/conf/text_it.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Mobile_FIDO_UAF/resources/conf/text_it.properties index 3867333..2340578 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Mobile_FIDO_UAF/resources/conf/text_it.properties +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Mobile_FIDO_UAF/resources/conf/text_it.properties 
@@ -135,10 +135,10 @@ prompt.newpassword=Nuova Password prompt.newpassword.confirm=Conferma password prompt.password=Password prompt.userid=Nome utente -pwreset.done.info=Your password was successfully changed. Please click on continue to log in. +pwreset.done.info=La password è stata modificata con successo. Fare clic su continua per accedere. pwreset.email.sent=Se il vostro ID utente esiste, vi è stata inviata un'e-mail per reimpostare la password. -pwreset.info.linktext=Password forgotten -pwreset.noticket=Your password reset ticket is no longer valid. Please generate a new one. +pwreset.info.linktext=Password dimenticata +pwreset.noticket=Il biglietto per la reimpostazione della password non è più valido. Si prega di generarne uno nuovo. recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV già registrata recovery_accessapp_auth.instruction1=Ha già registrato una nuova app di accesso AGOV !!!SECURITY_KEY_NAME!!! come parte del processo di recupero. recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione. @@ -202,7 +202,7 @@ recovery_start_info.title=Il processo di ripristino sta per iniziare. title=NEVIS SSO Portal title.login=Login title.pwchange.label=Cambiare Password -title.pwreset=Password Forgotten +title.pwreset=Password Dimenticata user_input.invalid.email=Inserire un'e-mail valida. user_input.invalid.email.required=Campo obbligatorio user_input.invalid.email.tooLong=Il testo inserito è troppo lungo. diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Recovery/resources/conf/text_it.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Recovery/resources/conf/text_it.properties index 3867333..2340578 100644 
--- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Recovery/resources/conf/text_it.properties +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/Auth_Realm_Recovery/resources/conf/text_it.properties @@ -135,10 +135,10 @@ prompt.newpassword=Nuova Password prompt.newpassword.confirm=Conferma password prompt.password=Password prompt.userid=Nome utente -pwreset.done.info=Your password was successfully changed. Please click on continue to log in. +pwreset.done.info=La password è stata modificata con successo. Fare clic su continua per accedere. pwreset.email.sent=Se il vostro ID utente esiste, vi è stata inviata un'e-mail per reimpostare la password. -pwreset.info.linktext=Password forgotten -pwreset.noticket=Your password reset ticket is no longer valid. Please generate a new one. +pwreset.info.linktext=Password dimenticata +pwreset.noticket=Il biglietto per la reimpostazione della password non è più valido. Si prega di generarne uno nuovo. recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV già registrata recovery_accessapp_auth.instruction1=Ha già registrato una nuova app di accesso AGOV !!!SECURITY_KEY_NAME!!! come parte del processo di recupero. recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione. @@ -202,7 +202,7 @@ recovery_start_info.title=Il processo di ripristino sta per iniziare. title=NEVIS SSO Portal title.login=Login title.pwchange.label=Cambiare Password -title.pwreset=Password Forgotten +title.pwreset=Password Dimenticata user_input.invalid.email=Inserire un'e-mail valida. user_input.invalid.email.required=Campo obbligatorio user_input.invalid.email.tooLong=Il testo inserito è troppo lungo. 
diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/NotUsed_Auth_Realm/resources/conf/text_it.properties b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/NotUsed_Auth_Realm/resources/conf/text_it.properties index 3867333..2340578 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/NotUsed_Auth_Realm/resources/conf/text_it.properties +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/logrend/var/opt/nevislogrend/default/data/applications/NotUsed_Auth_Realm/resources/conf/text_it.properties @@ -135,10 +135,10 @@ prompt.newpassword=Nuova Password prompt.newpassword.confirm=Conferma password prompt.password=Password prompt.userid=Nome utente -pwreset.done.info=Your password was successfully changed. Please click on continue to log in. +pwreset.done.info=La password è stata modificata con successo. Fare clic su continua per accedere. pwreset.email.sent=Se il vostro ID utente esiste, vi è stata inviata un'e-mail per reimpostare la password. -pwreset.info.linktext=Password forgotten -pwreset.noticket=Your password reset ticket is no longer valid. Please generate a new one. +pwreset.info.linktext=Password dimenticata +pwreset.noticket=Il biglietto per la reimpostazione della password non è più valido. Si prega di generarne uno nuovo. recovery_accessapp_auth.accessAppRegistered=App di accesso AGOV già registrata recovery_accessapp_auth.instruction1=Ha già registrato una nuova app di accesso AGOV !!!SECURITY_KEY_NAME!!! come parte del processo di recupero. recovery_accessapp_auth.instruction2=Si prega di usare !!!ACCESS_APP_NAME!!! per l'identificazione. 
@@ -202,7 +202,7 @@ recovery_start_info.title=Il processo di ripristino sta per iniziare. title=NEVIS SSO Portal title.login=Login title.pwchange.label=Cambiare Password -title.pwreset=Password Forgotten +title.pwreset=Password Dimenticata user_input.invalid.email=Inserire un'e-mail valida. user_input.invalid.email.required=Campo obbligatorio user_input.invalid.email.tooLong=Il testo inserito è troppo lungo. diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/etc/nevis/k8s-nevisproxy-idp-0ceb05c56644a59d648c13b9.yaml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/etc/nevis/k8s-nevisproxy-idp-0ceb05c56644a59d648c13b9.yaml index fb9cb67..113a4f9 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/etc/nevis/k8s-nevisproxy-idp-0ceb05c56644a59d648c13b9.yaml +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/etc/nevis/k8s-nevisproxy-idp-0ceb05c56644a59d648c13b9.yaml @@ -28,20 +28,25 @@ spec: management: httpGet: path: "/liveness" - initialDelaySeconds: 40 - periodSeconds: 30 + periodSeconds: 5 timeoutSeconds: 6 readinessProbe: management: httpGet: path: "/readiness" - initialDelaySeconds: 40 - periodSeconds: 30 + periodSeconds: 5 timeoutSeconds: 6 + startupProbe: + management: + httpGet: + path: "/readiness" + periodSeconds: 5 + timeoutSeconds: 6 + failureThreshold: 50 podDisruptionBudget: maxUnavailable: "50%" git: - tag: "r-76a9542c5c919177c7b3c1903a1140c1e7274683" + tag: "r-f0c2fc352ad8e75f5eae1bab7fc80e6315293282" dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp" credentials: "git-credentials" keystores: diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/var/opt/nevisproxy/default/conf/navajo.xml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/var/opt/nevisproxy/default/conf/navajo.xml index 5247c3a..a7cd351 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/var/opt/nevisproxy/default/conf/navajo.xml 
+++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/var/opt/nevisproxy/default/conf/navajo.xml @@ -8,7 +8,7 @@ - + diff --git a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/var/opt/nevisproxy/default/host-auth.agov-w.azure.adnovum.net/WEB-INF/web.xml b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/var/opt/nevisproxy/default/host-auth.agov-w.azure.adnovum.net/WEB-INF/web.xml index 8e132a2..0cff26d 100644 --- a/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/var/opt/nevisproxy/default/host-auth.agov-w.azure.adnovum.net/WEB-INF/web.xml +++ b/DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/var/opt/nevisproxy/default/host-auth.agov-w.azure.adnovum.net/WEB-INF/web.xml @@ -652,8 +652,8 @@ - StateKey - Auth_Realm_Mobile_FIDO_UAF + StoreInterceptedRequest + false @@ -692,8 +692,8 @@ - StateKey - NotUsed_Auth_Realm + StoreInterceptedRequest + false