new configuration version
This commit is contained in:
mamo
parent
4956b48ff0
commit
8fac4d4910
|
|
@ -45,7 +45,7 @@ spec:
|
|||
podDisruptionBudget:
|
||||
maxUnavailable: "50%"
|
||||
git:
|
||||
tag: "r-c1f967206031c07e593aa2ffabb8e9cd9d52d049"
|
||||
tag: "r-037e6dff11b107c9a9ce0551a345b013cfe756dd"
|
||||
dir: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai"
|
||||
credentials: "git-credentials"
|
||||
keystores:
|
||||
|
|
|
|||
|
|
@ -55,13 +55,13 @@
|
|||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<Domain name="cossa_realm" default="false" inactiveInterval="7200" reauthInterval="0" resetAuthenticationCondition="${inargs:cancel}">
|
||||
<Entry method="authenticate" state="cossa_realm_TokenExchangeEndpoint"/>
|
||||
<Entry method="authenticate" state="cossa_realm_TokenExchangeEndpoint" selector="${request:currentResource:^http[s]?\u003A//[^/]+/.*$:true}"/>
|
||||
<Entry method="authenticate" state="cossa_realm_AuthorizationServer_New_OAuth_2.0_Authorization_Server_OpenID_Provider" selector="${request:currentResource:^http[s]?\u003A//[^/]+/oauth/authorize($|\?.*)$:true}"/>
|
||||
<Entry method="authenticate" state="cossa_realm_AuthorizationServer_New_OAuth_2.0_Authorization_Server_OpenID_Provider" selector="${request:currentResource:^http[s]?\u003A//[^/]+/oauth/token($|\?.*)$:true}"/>
|
||||
<Entry method="authenticate" state="cossa_realm_TokenExchangeEndpoint" selector="${request:currentResource:^http[s]?\u003A//[^/]+/token/.*$:true}"/>
|
||||
<Entry method="stepup" state="cossa_realm_Selector"/>
|
||||
<Entry method="stepup" state="cossa_realm_TokenExchangeEndpoint" selector="${request:currentResource:^http[s]?\u003A//[^/]+/.*$:true}"/>
|
||||
<Entry method="stepup" state="cossa_realm_AuthorizationServer_New_OAuth_2.0_Authorization_Server_OpenID_Provider" selector="${request:currentResource:^http[s]?\u003A//[^/]+/oauth/authorize($|\?.*)$:true}"/>
|
||||
<Entry method="stepup" state="cossa_realm_AuthorizationServer_New_OAuth_2.0_Authorization_Server_OpenID_Provider" selector="${request:currentResource:^http[s]?\u003A//[^/]+/oauth/token($|\?.*)$:true}"/>
|
||||
<Entry method="stepup" state="cossa_realm_TokenExchangeEndpoint" selector="${request:currentResource:^http[s]?\u003A//[^/]+/token/.*$:true}"/>
|
||||
</Domain>
|
||||
<AuthState name="cossa_realm_TokenExchangeEndpoint" class="ch.adnovum.cossa.TokenExchangeEndpoint" authLevel="auth.weak" final="false" resumeState="true">
|
||||
<!-- source: pattern://89578db79d2bc15d55e11141 -->
|
||||
|
|
|
|||
|
|
@ -46,7 +46,7 @@ spec:
|
|||
podDisruptionBudget:
|
||||
maxUnavailable: "50%"
|
||||
git:
|
||||
tag: "r-c1f967206031c07e593aa2ffabb8e9cd9d52d049"
|
||||
tag: "r-037e6dff11b107c9a9ce0551a345b013cfe756dd"
|
||||
dir: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi"
|
||||
credentials: "git-credentials"
|
||||
keystores:
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@
|
|||
<param-name>SectokenVerifierCert</param-name>
|
||||
<param-value>/var/opt/keys/trust/npi-cossa-realm-signer-trust/truststore.pem</param-value>
|
||||
</context-param>
|
||||
<!-- source: pattern://92e282d1dc2b69d9e4f91fc0, pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<filter>
|
||||
<filter-name>AuthenticationService_cossa_realm</filter-name>
|
||||
<filter-class>ch::nevis::isiweb4::filter::auth::IdentityCreationFilter</filter-class>
|
||||
|
|
@ -143,7 +143,7 @@
|
|||
</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
<!-- source: pattern://92e282d1dc2b69d9e4f91fc0, pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<filter>
|
||||
<filter-name>SessionHandler_cossa_realm</filter-name>
|
||||
<filter-class>ch::nevis::nevisproxy::filter::session::SessionManagementFilter</filter-class>
|
||||
|
|
@ -198,11 +198,10 @@
|
|||
<filter-name>ResponseHeader_Default</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
<!-- source: pattern://92e282d1dc2b69d9e4f91fc0, pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<filter-mapping>
|
||||
<filter-name>SessionHandler_cossa_realm</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
<exclude-url-regex>^/errorpages.*$|^/favicon.ico$|^/index.html$|^/nevislogrend/.*$|^/resources.*$</exclude-url-regex>
|
||||
<url-pattern>/token/*</url-pattern>
|
||||
</filter-mapping>
|
||||
<!-- source: pattern://cc0434226c610ad74ffbf1d1 -->
|
||||
<filter-mapping>
|
||||
|
|
@ -214,11 +213,10 @@
|
|||
<filter-name>CSRF_Default</filter-name>
|
||||
<url-pattern>/oauth/introspect2/*</url-pattern>
|
||||
</filter-mapping>
|
||||
<!-- source: pattern://92e282d1dc2b69d9e4f91fc0, pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<filter-mapping>
|
||||
<filter-name>AuthenticationService_cossa_realm</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
<exclude-url-regex>^/errorpages.*$|^/favicon.ico$|^/index.html$|^/nevislogrend/.*$|^/oauth/introspect2/.*$|^/resources.*$</exclude-url-regex>
|
||||
<url-pattern>/token/*</url-pattern>
|
||||
</filter-mapping>
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<listener>
|
||||
|
|
@ -405,11 +403,6 @@
|
|||
<param-value>/nevislogrend</param-value>
|
||||
</init-param>
|
||||
</servlet>
|
||||
<!-- source: pattern://4b8f4de5fefd5f33774df841 -->
|
||||
<servlet-mapping>
|
||||
<servlet-name>Hosting_Default</servlet-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
<!-- source: pattern://7dc20659babc66c4401ce0dd -->
|
||||
<servlet-mapping>
|
||||
<servlet-name>NevisLogrendConnector_New_nevisLogrend_Instance</servlet-name>
|
||||
|
|
@ -420,21 +413,14 @@
|
|||
<servlet-name>Connector_cossa_realm_REST2</servlet-name>
|
||||
<url-pattern>/oauth/introspect2/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
<!-- source: pattern://4b8f4de5fefd5f33774df841 -->
|
||||
<servlet-mapping>
|
||||
<servlet-name>Hosting_Default</servlet-name>
|
||||
<url-pattern>/index.html</url-pattern>
|
||||
<url-pattern>/token/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
<servlet-mapping>
|
||||
<servlet-name>Hosting_Default</servlet-name>
|
||||
<url-pattern>/favicon.ico</url-pattern>
|
||||
</servlet-mapping>
|
||||
<servlet-mapping>
|
||||
<servlet-name>Hosting_Default</servlet-name>
|
||||
<url-pattern>/resources/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
<servlet-mapping>
|
||||
<servlet-name>Hosting_Default</servlet-name>
|
||||
<url-pattern>/errorpages/*</url-pattern>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
<!-- source: pattern://23dc4a9fcc79a12d82662747 -->
|
||||
<mime-mapping>
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@
|
|||
<param-name>SectokenVerifierCert</param-name>
|
||||
<param-value>/var/opt/keys/trust/npi-cossa-realm-signer-trust/truststore.pem</param-value>
|
||||
</context-param>
|
||||
<!-- source: pattern://92e282d1dc2b69d9e4f91fc0, pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<filter>
|
||||
<filter-name>AuthenticationService_cossa_realm</filter-name>
|
||||
<filter-class>ch::nevis::isiweb4::filter::auth::IdentityCreationFilter</filter-class>
|
||||
|
|
@ -130,7 +130,7 @@
|
|||
</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
<!-- source: pattern://92e282d1dc2b69d9e4f91fc0, pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<filter>
|
||||
<filter-name>SessionHandler_cossa_realm</filter-name>
|
||||
<filter-class>ch::nevis::nevisproxy::filter::session::SessionManagementFilter</filter-class>
|
||||
|
|
|
|||
Loading…
Reference in New Issue