new configuration version
This commit is contained in:
mamo
parent
4956b48ff0
commit
8fac4d4910
|
|
@ -45,7 +45,7 @@ spec:
|
||||||
podDisruptionBudget:
|
podDisruptionBudget:
|
||||||
maxUnavailable: "50%"
|
maxUnavailable: "50%"
|
||||||
git:
|
git:
|
||||||
tag: "r-c1f967206031c07e593aa2ffabb8e9cd9d52d049"
|
tag: "r-037e6dff11b107c9a9ce0551a345b013cfe756dd"
|
||||||
dir: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai"
|
dir: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai"
|
||||||
credentials: "git-credentials"
|
credentials: "git-credentials"
|
||||||
keystores:
|
keystores:
|
||||||
|
|
|
||||||
|
|
@ -55,13 +55,13 @@
|
||||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||||
<Domain name="cossa_realm" default="false" inactiveInterval="7200" reauthInterval="0" resetAuthenticationCondition="${inargs:cancel}">
|
<Domain name="cossa_realm" default="false" inactiveInterval="7200" reauthInterval="0" resetAuthenticationCondition="${inargs:cancel}">
|
||||||
<Entry method="authenticate" state="cossa_realm_TokenExchangeEndpoint"/>
|
<Entry method="authenticate" state="cossa_realm_TokenExchangeEndpoint"/>
|
||||||
<Entry method="authenticate" state="cossa_realm_TokenExchangeEndpoint" selector="${request:currentResource:^http[s]?\u003A//[^/]+/.*$:true}"/>
|
|
||||||
<Entry method="authenticate" state="cossa_realm_AuthorizationServer_New_OAuth_2.0_Authorization_Server_OpenID_Provider" selector="${request:currentResource:^http[s]?\u003A//[^/]+/oauth/authorize($|\?.*)$:true}"/>
|
<Entry method="authenticate" state="cossa_realm_AuthorizationServer_New_OAuth_2.0_Authorization_Server_OpenID_Provider" selector="${request:currentResource:^http[s]?\u003A//[^/]+/oauth/authorize($|\?.*)$:true}"/>
|
||||||
<Entry method="authenticate" state="cossa_realm_AuthorizationServer_New_OAuth_2.0_Authorization_Server_OpenID_Provider" selector="${request:currentResource:^http[s]?\u003A//[^/]+/oauth/token($|\?.*)$:true}"/>
|
<Entry method="authenticate" state="cossa_realm_AuthorizationServer_New_OAuth_2.0_Authorization_Server_OpenID_Provider" selector="${request:currentResource:^http[s]?\u003A//[^/]+/oauth/token($|\?.*)$:true}"/>
|
||||||
|
<Entry method="authenticate" state="cossa_realm_TokenExchangeEndpoint" selector="${request:currentResource:^http[s]?\u003A//[^/]+/token/.*$:true}"/>
|
||||||
<Entry method="stepup" state="cossa_realm_Selector"/>
|
<Entry method="stepup" state="cossa_realm_Selector"/>
|
||||||
<Entry method="stepup" state="cossa_realm_TokenExchangeEndpoint" selector="${request:currentResource:^http[s]?\u003A//[^/]+/.*$:true}"/>
|
|
||||||
<Entry method="stepup" state="cossa_realm_AuthorizationServer_New_OAuth_2.0_Authorization_Server_OpenID_Provider" selector="${request:currentResource:^http[s]?\u003A//[^/]+/oauth/authorize($|\?.*)$:true}"/>
|
<Entry method="stepup" state="cossa_realm_AuthorizationServer_New_OAuth_2.0_Authorization_Server_OpenID_Provider" selector="${request:currentResource:^http[s]?\u003A//[^/]+/oauth/authorize($|\?.*)$:true}"/>
|
||||||
<Entry method="stepup" state="cossa_realm_AuthorizationServer_New_OAuth_2.0_Authorization_Server_OpenID_Provider" selector="${request:currentResource:^http[s]?\u003A//[^/]+/oauth/token($|\?.*)$:true}"/>
|
<Entry method="stepup" state="cossa_realm_AuthorizationServer_New_OAuth_2.0_Authorization_Server_OpenID_Provider" selector="${request:currentResource:^http[s]?\u003A//[^/]+/oauth/token($|\?.*)$:true}"/>
|
||||||
|
<Entry method="stepup" state="cossa_realm_TokenExchangeEndpoint" selector="${request:currentResource:^http[s]?\u003A//[^/]+/token/.*$:true}"/>
|
||||||
</Domain>
|
</Domain>
|
||||||
<AuthState name="cossa_realm_TokenExchangeEndpoint" class="ch.adnovum.cossa.TokenExchangeEndpoint" authLevel="auth.weak" final="false" resumeState="true">
|
<AuthState name="cossa_realm_TokenExchangeEndpoint" class="ch.adnovum.cossa.TokenExchangeEndpoint" authLevel="auth.weak" final="false" resumeState="true">
|
||||||
<!-- source: pattern://89578db79d2bc15d55e11141 -->
|
<!-- source: pattern://89578db79d2bc15d55e11141 -->
|
||||||
|
|
|
||||||
|
|
@ -46,7 +46,7 @@ spec:
|
||||||
podDisruptionBudget:
|
podDisruptionBudget:
|
||||||
maxUnavailable: "50%"
|
maxUnavailable: "50%"
|
||||||
git:
|
git:
|
||||||
tag: "r-c1f967206031c07e593aa2ffabb8e9cd9d52d049"
|
tag: "r-037e6dff11b107c9a9ce0551a345b013cfe756dd"
|
||||||
dir: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi"
|
dir: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi"
|
||||||
credentials: "git-credentials"
|
credentials: "git-credentials"
|
||||||
keystores:
|
keystores:
|
||||||
|
|
|
||||||
|
|
@ -6,7 +6,7 @@
|
||||||
<param-name>SectokenVerifierCert</param-name>
|
<param-name>SectokenVerifierCert</param-name>
|
||||||
<param-value>/var/opt/keys/trust/npi-cossa-realm-signer-trust/truststore.pem</param-value>
|
<param-value>/var/opt/keys/trust/npi-cossa-realm-signer-trust/truststore.pem</param-value>
|
||||||
</context-param>
|
</context-param>
|
||||||
<!-- source: pattern://92e282d1dc2b69d9e4f91fc0, pattern://b67f81a971e4c08aa79040a2 -->
|
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||||
<filter>
|
<filter>
|
||||||
<filter-name>AuthenticationService_cossa_realm</filter-name>
|
<filter-name>AuthenticationService_cossa_realm</filter-name>
|
||||||
<filter-class>ch::nevis::isiweb4::filter::auth::IdentityCreationFilter</filter-class>
|
<filter-class>ch::nevis::isiweb4::filter::auth::IdentityCreationFilter</filter-class>
|
||||||
|
|
@ -143,7 +143,7 @@
|
||||||
</param-value>
|
</param-value>
|
||||||
</init-param>
|
</init-param>
|
||||||
</filter>
|
</filter>
|
||||||
<!-- source: pattern://92e282d1dc2b69d9e4f91fc0, pattern://b67f81a971e4c08aa79040a2 -->
|
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||||
<filter>
|
<filter>
|
||||||
<filter-name>SessionHandler_cossa_realm</filter-name>
|
<filter-name>SessionHandler_cossa_realm</filter-name>
|
||||||
<filter-class>ch::nevis::nevisproxy::filter::session::SessionManagementFilter</filter-class>
|
<filter-class>ch::nevis::nevisproxy::filter::session::SessionManagementFilter</filter-class>
|
||||||
|
|
@ -198,11 +198,10 @@
|
||||||
<filter-name>ResponseHeader_Default</filter-name>
|
<filter-name>ResponseHeader_Default</filter-name>
|
||||||
<url-pattern>/*</url-pattern>
|
<url-pattern>/*</url-pattern>
|
||||||
</filter-mapping>
|
</filter-mapping>
|
||||||
<!-- source: pattern://92e282d1dc2b69d9e4f91fc0, pattern://b67f81a971e4c08aa79040a2 -->
|
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||||
<filter-mapping>
|
<filter-mapping>
|
||||||
<filter-name>SessionHandler_cossa_realm</filter-name>
|
<filter-name>SessionHandler_cossa_realm</filter-name>
|
||||||
<url-pattern>/*</url-pattern>
|
<url-pattern>/token/*</url-pattern>
|
||||||
<exclude-url-regex>^/errorpages.*$|^/favicon.ico$|^/index.html$|^/nevislogrend/.*$|^/resources.*$</exclude-url-regex>
|
|
||||||
</filter-mapping>
|
</filter-mapping>
|
||||||
<!-- source: pattern://cc0434226c610ad74ffbf1d1 -->
|
<!-- source: pattern://cc0434226c610ad74ffbf1d1 -->
|
||||||
<filter-mapping>
|
<filter-mapping>
|
||||||
|
|
@ -214,11 +213,10 @@
|
||||||
<filter-name>CSRF_Default</filter-name>
|
<filter-name>CSRF_Default</filter-name>
|
||||||
<url-pattern>/oauth/introspect2/*</url-pattern>
|
<url-pattern>/oauth/introspect2/*</url-pattern>
|
||||||
</filter-mapping>
|
</filter-mapping>
|
||||||
<!-- source: pattern://92e282d1dc2b69d9e4f91fc0, pattern://b67f81a971e4c08aa79040a2 -->
|
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||||
<filter-mapping>
|
<filter-mapping>
|
||||||
<filter-name>AuthenticationService_cossa_realm</filter-name>
|
<filter-name>AuthenticationService_cossa_realm</filter-name>
|
||||||
<url-pattern>/*</url-pattern>
|
<url-pattern>/token/*</url-pattern>
|
||||||
<exclude-url-regex>^/errorpages.*$|^/favicon.ico$|^/index.html$|^/nevislogrend/.*$|^/oauth/introspect2/.*$|^/resources.*$</exclude-url-regex>
|
|
||||||
</filter-mapping>
|
</filter-mapping>
|
||||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||||
<listener>
|
<listener>
|
||||||
|
|
@ -405,11 +403,6 @@
|
||||||
<param-value>/nevislogrend</param-value>
|
<param-value>/nevislogrend</param-value>
|
||||||
</init-param>
|
</init-param>
|
||||||
</servlet>
|
</servlet>
|
||||||
<!-- source: pattern://4b8f4de5fefd5f33774df841 -->
|
|
||||||
<servlet-mapping>
|
|
||||||
<servlet-name>Hosting_Default</servlet-name>
|
|
||||||
<url-pattern>/*</url-pattern>
|
|
||||||
</servlet-mapping>
|
|
||||||
<!-- source: pattern://7dc20659babc66c4401ce0dd -->
|
<!-- source: pattern://7dc20659babc66c4401ce0dd -->
|
||||||
<servlet-mapping>
|
<servlet-mapping>
|
||||||
<servlet-name>NevisLogrendConnector_New_nevisLogrend_Instance</servlet-name>
|
<servlet-name>NevisLogrendConnector_New_nevisLogrend_Instance</servlet-name>
|
||||||
|
|
@ -420,21 +413,14 @@
|
||||||
<servlet-name>Connector_cossa_realm_REST2</servlet-name>
|
<servlet-name>Connector_cossa_realm_REST2</servlet-name>
|
||||||
<url-pattern>/oauth/introspect2/*</url-pattern>
|
<url-pattern>/oauth/introspect2/*</url-pattern>
|
||||||
</servlet-mapping>
|
</servlet-mapping>
|
||||||
|
<!-- source: pattern://4b8f4de5fefd5f33774df841 -->
|
||||||
<servlet-mapping>
|
<servlet-mapping>
|
||||||
<servlet-name>Hosting_Default</servlet-name>
|
<servlet-name>Hosting_Default</servlet-name>
|
||||||
<url-pattern>/index.html</url-pattern>
|
<url-pattern>/token/*</url-pattern>
|
||||||
</servlet-mapping>
|
</servlet-mapping>
|
||||||
<servlet-mapping>
|
<servlet-mapping>
|
||||||
<servlet-name>Hosting_Default</servlet-name>
|
<servlet-name>Hosting_Default</servlet-name>
|
||||||
<url-pattern>/favicon.ico</url-pattern>
|
<url-pattern>/*</url-pattern>
|
||||||
</servlet-mapping>
|
|
||||||
<servlet-mapping>
|
|
||||||
<servlet-name>Hosting_Default</servlet-name>
|
|
||||||
<url-pattern>/resources/*</url-pattern>
|
|
||||||
</servlet-mapping>
|
|
||||||
<servlet-mapping>
|
|
||||||
<servlet-name>Hosting_Default</servlet-name>
|
|
||||||
<url-pattern>/errorpages/*</url-pattern>
|
|
||||||
</servlet-mapping>
|
</servlet-mapping>
|
||||||
<!-- source: pattern://23dc4a9fcc79a12d82662747 -->
|
<!-- source: pattern://23dc4a9fcc79a12d82662747 -->
|
||||||
<mime-mapping>
|
<mime-mapping>
|
||||||
|
|
|
||||||
|
|
@ -6,7 +6,7 @@
|
||||||
<param-name>SectokenVerifierCert</param-name>
|
<param-name>SectokenVerifierCert</param-name>
|
||||||
<param-value>/var/opt/keys/trust/npi-cossa-realm-signer-trust/truststore.pem</param-value>
|
<param-value>/var/opt/keys/trust/npi-cossa-realm-signer-trust/truststore.pem</param-value>
|
||||||
</context-param>
|
</context-param>
|
||||||
<!-- source: pattern://92e282d1dc2b69d9e4f91fc0, pattern://b67f81a971e4c08aa79040a2 -->
|
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||||
<filter>
|
<filter>
|
||||||
<filter-name>AuthenticationService_cossa_realm</filter-name>
|
<filter-name>AuthenticationService_cossa_realm</filter-name>
|
||||||
<filter-class>ch::nevis::isiweb4::filter::auth::IdentityCreationFilter</filter-class>
|
<filter-class>ch::nevis::isiweb4::filter::auth::IdentityCreationFilter</filter-class>
|
||||||
|
|
@ -130,7 +130,7 @@
|
||||||
</param-value>
|
</param-value>
|
||||||
</init-param>
|
</init-param>
|
||||||
</filter>
|
</filter>
|
||||||
<!-- source: pattern://92e282d1dc2b69d9e4f91fc0, pattern://b67f81a971e4c08aa79040a2 -->
|
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||||
<filter>
|
<filter>
|
||||||
<filter-name>SessionHandler_cossa_realm</filter-name>
|
<filter-name>SessionHandler_cossa_realm</filter-name>
|
||||||
<filter-class>ch::nevis::nevisproxy::filter::session::SessionManagementFilter</filter-class>
|
<filter-class>ch::nevis::nevisproxy::filter::session::SessionManagementFilter</filter-class>
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue