new configuration version
This commit is contained in:
admin
parent
8c20ea9729
commit
87b6fe0af3
|
|
@ -40,7 +40,7 @@ spec:
|
||||||
podDisruptionBudget:
|
podDisruptionBudget:
|
||||||
maxUnavailable: "50%"
|
maxUnavailable: "50%"
|
||||||
git:
|
git:
|
||||||
tag: "r-b8b0f093d7a2c6d564f85fc11747986a0bd36b92"
|
tag: "r-9b106c5cc12a40258ccd94ea34b823fea2bbb744"
|
||||||
dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth"
|
dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/auth"
|
||||||
credentials: "git-credentials"
|
credentials: "git-credentials"
|
||||||
keystores:
|
keystores:
|
||||||
|
|
|
||||||
|
|
@ -109,7 +109,7 @@
|
||||||
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
||||||
<KeyObject name="Signer_IDP_AGOV" certificate="/var/opt/keys/own/idp-pem-signer/cert.pem" privateKey="/var/opt/keys/own/idp-pem-signer/keystore.jks" passPhrase="pipe:///var/opt/keys/own/idp-pem-signer/keypass"/>
|
<KeyObject name="Signer_IDP_AGOV" certificate="/var/opt/keys/own/idp-pem-signer/cert.pem" privateKey="/var/opt/keys/own/idp-pem-signer/keystore.jks" passPhrase="pipe:///var/opt/keys/own/idp-pem-signer/keypass"/>
|
||||||
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
||||||
<KeyObject name="https://trustbroker.agov-w.azure.adnovum.net" certificate="/var/opt/keys/trust/idp-pem-atb/truststore.jks"/>
|
<KeyObject name="https://trustbroker.agov-d.azure.adnovum.net" certificate="/var/opt/keys/trust/idp-pem-atb/truststore.jks"/>
|
||||||
</KeyStore>
|
</KeyStore>
|
||||||
<!-- source: pattern://cb8c63274fe346280de0ffd5 -->
|
<!-- source: pattern://cb8c63274fe346280de0ffd5 -->
|
||||||
<KeyStore name="Auth_Realm_Mobile_FIDO_UAFKeyStore">
|
<KeyStore name="Auth_Realm_Mobile_FIDO_UAFKeyStore">
|
||||||
|
|
@ -1373,11 +1373,11 @@
|
||||||
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
||||||
<property name="out.keyobjectref" value="Signer_IDP_AGOV"/>
|
<property name="out.keyobjectref" value="Signer_IDP_AGOV"/>
|
||||||
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
||||||
<property name="spURL" value="https://trustbroker.agov-w.azure.adnovum.net/adfs/ls"/>
|
<property name="spURL" value="https://trustbroker.agov-d.azure.adnovum.net/adfs/ls"/>
|
||||||
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
||||||
<property name="spIssuer" value="https://trustbroker.agov-w.azure.adnovum.net"/>
|
<property name="spIssuer" value="https://trustbroker.agov-d.azure.adnovum.net"/>
|
||||||
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
||||||
<property name="acsUrlWhitelist.uris" value="https://trustbroker.agov-w.azure.adnovum.net/adfs/ls"/>
|
<property name="acsUrlWhitelist.uris" value="https://trustbroker.agov-d.azure.adnovum.net/adfs/ls"/>
|
||||||
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
||||||
<property name="in.binding" value="auto"/>
|
<property name="in.binding" value="auto"/>
|
||||||
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
||||||
|
|
@ -1429,7 +1429,7 @@
|
||||||
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
||||||
<property name="out.attribute.http://schemas.agov.ch/ws/2024/02/identity/claims/address/countryName" value="#{ (sess['agov.appAddressRequired'] == 'true') ? sess['agov.countryName'] : ''}"/>
|
<property name="out.attribute.http://schemas.agov.ch/ws/2024/02/identity/claims/address/countryName" value="#{ (sess['agov.appAddressRequired'] == 'true') ? sess['agov.countryName'] : ''}"/>
|
||||||
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
||||||
<property name="out.audienceRestriction" value="https://trustbroker.agov-w.azure.adnovum.net"/>
|
<property name="out.audienceRestriction" value="https://trustbroker.agov-d.azure.adnovum.net"/>
|
||||||
</AuthState>
|
</AuthState>
|
||||||
<AuthState name="Auth_Realm_Main_IDP_Concurrent_Logout" class="ch.nevis.esauth.auth.states.standard.AuthLogout" final="false" resumeState="false">
|
<AuthState name="Auth_Realm_Main_IDP_Concurrent_Logout" class="ch.nevis.esauth.auth.states.standard.AuthLogout" final="false" resumeState="false">
|
||||||
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
<!-- source: pattern://27cefc3861bce987f6766342 -->
|
||||||
|
|
|
||||||
|
|
@ -167,7 +167,7 @@ def i2r = [:]
|
||||||
|
|
||||||
// issuer to ResultCond name
|
// issuer to ResultCond name
|
||||||
def i2e = [:]
|
def i2e = [:]
|
||||||
i2e.put('https://trustbroker.agov-w.azure.adnovum.net', 'forbidden_0')
|
i2e.put('https://trustbroker.agov-d.azure.adnovum.net', 'forbidden_0')
|
||||||
|
|
||||||
|
|
||||||
if (!i2r.isEmpty() && !hasAnyRequiredRole(i2r, issuer)) {
|
if (!i2r.isEmpty() && !hasAnyRequiredRole(i2r, issuer)) {
|
||||||
|
|
|
||||||
|
|
@ -91,7 +91,7 @@ if (request.getSession(false) == null) {
|
||||||
def i2s = new TreeMap<String, String>(String.CASE_INSENSITIVE_ORDER)
|
def i2s = new TreeMap<String, String>(String.CASE_INSENSITIVE_ORDER)
|
||||||
|
|
||||||
|
|
||||||
i2s.put('https://trustbroker.agov-w.azure.adnovum.net', 'state0')
|
i2s.put('https://trustbroker.agov-d.azure.adnovum.net', 'state0')
|
||||||
|
|
||||||
if (parameters.get('spInitiated') == 'true' && inargs.containsKey('SAMLRequest')) { // SP-initiated authentication
|
if (parameters.get('spInitiated') == 'true' && inargs.containsKey('SAMLRequest')) { // SP-initiated authentication
|
||||||
LOG.debug("found SAMLRequest parameter for SP-initiated authentication")
|
LOG.debug("found SAMLRequest parameter for SP-initiated authentication")
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue