new configuration version
This commit is contained in:
mamo
parent
fcc6f8921e
commit
d448f67b4e
|
|
@ -45,7 +45,7 @@ spec:
|
|||
podDisruptionBudget:
|
||||
maxUnavailable: "50%"
|
||||
git:
|
||||
tag: "r-d3e70c904acea08e3b82cdcdafb6d8ea8d362a68"
|
||||
tag: "r-46aac91ab16767e23a153cac7cf841ccf43f23a5"
|
||||
dir: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai"
|
||||
credentials: "git-credentials"
|
||||
keystores:
|
||||
|
|
|
|||
|
|
@ -12,5 +12,5 @@ spec:
|
|||
keystores:
|
||||
- name: "npi-cossa-realm-identity"
|
||||
namespace: "adn-postit-tknxchng-01-dev"
|
||||
- name: "npi-new-authentication-realm-identity"
|
||||
- name: "npi-mockrelam-identity"
|
||||
namespace: "adn-postit-tknxchng-01-dev"
|
||||
|
|
|
|||
|
|
@ -48,44 +48,70 @@
|
|||
<!-- source: pattern://6ec6739e824c8e56d9633622, pattern://8523f0587aa8cfa7008f8171, pattern://6ec6739e824c8e56d9633622 -->
|
||||
<AuthEngine useLiteralDictionary="true" literalDictionaryLanguages="en,de,fr,it" inputLanguageCookie="LANG" compatLevel="none" addAutheLevelToSecRoles="true" classPath="/var/opt/nevisauth/default/plugin:/opt/nevisauth/plugin" propagateSession="false">
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<Domain name="New_Authentication_Realm" default="false" inactiveInterval="7200" reauthInterval="0" resetAuthenticationCondition="${inargs:cancel}">
|
||||
<Entry method="authenticate" state="New_Authentication_Realm_New_JSON_Response_Step1"/>
|
||||
<Entry method="stepup" state="New_Authentication_Realm_Selector"/>
|
||||
<Domain name="MockRelam" default="false" inactiveInterval="7200" reauthInterval="0" resetAuthenticationCondition="${inargs:cancel}">
|
||||
<Entry method="authenticate" state="MockRelam_DispatchMockRequests"/>
|
||||
<Entry method="stepup" state="MockRelam_Selector"/>
|
||||
</Domain>
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<Domain name="cossa_realm" default="false" inactiveInterval="7200" reauthInterval="0" resetAuthenticationCondition="${inargs:cancel}">
|
||||
<Entry method="authenticate" state="cossa_realm_AuthorizationServer"/>
|
||||
<Entry method="authenticate" state="cossa_realm_AuthorizationServer" selector="${request:currentResource:^http[s]?\u003A//[^/]+/token/.*$:true}"/>
|
||||
<Entry method="authenticate" state="cossa_realm_TokenExchangeEndpoint"/>
|
||||
<Entry method="authenticate" state="cossa_realm_TokenExchangeEndpoint" selector="${request:currentResource:^http[s]?\u003A//[^/]+/token/.*$:true}"/>
|
||||
<Entry method="logout" state="cossa_realm_AuthorizationServer"/>
|
||||
<Entry method="logout" state="cossa_realm_AuthorizationServer" selector="${request:currentResource:^http[s]?\u003A//[^/]+/token/.*$:true}"/>
|
||||
<Entry method="stepup" state="cossa_realm_Selector"/>
|
||||
<Entry method="stepup" state="cossa_realm_AuthorizationServer" selector="${request:currentResource:^http[s]?\u003A//[^/]+/token/.*$:true}"/>
|
||||
<Entry method="stepup" state="cossa_realm_TokenExchangeEndpoint" selector="${request:currentResource:^http[s]?\u003A//[^/]+/token/.*$:true}"/>
|
||||
</Domain>
|
||||
<AuthState name="New_Authentication_Realm_New_JSON_Response_Step1" class="ch.nevis.esauth.auth.states.directResponse.DirectResponseState" final="true" resumeState="false">
|
||||
<AuthState name="MockRelam_DispatchMockRequests" class="ch.nevis.esauth.auth.states.standard.ConditionalDispatcherState" final="false">
|
||||
<!-- source: pattern://1641a38402138546573b7e71 -->
|
||||
<ResultCond name="metadata" next="MockRelam_MetadataMock"/>
|
||||
<!-- source: pattern://1641a38402138546573b7e71 -->
|
||||
<ResultCond name="nomatch" next="MockRelam_KlpApiMock"/>
|
||||
<!-- source: pattern://1641a38402138546573b7e71 -->
|
||||
<Response value="AUTH_ERROR">
|
||||
<!-- source: pattern://1641a38402138546573b7e71 -->
|
||||
<Arg name="ch.nevis.isiweb4.response.status" value="403"/>
|
||||
</Response>
|
||||
<!-- source: pattern://1641a38402138546573b7e71 -->
|
||||
<property name="condition:metadata" value="${request:currentResource:/metadata:true}"/>
|
||||
</AuthState>
|
||||
<AuthState name="MockRelam_MetadataMock" class="ch.nevis.esauth.auth.states.directResponse.DirectResponseState" final="true" resumeState="false">
|
||||
<!-- source: pattern://0600a4bbdea68c3aaa2fd10f -->
|
||||
<Response value="AUTH_ERROR">
|
||||
<!-- source: pattern://0600a4bbdea68c3aaa2fd10f -->
|
||||
<Gui name="none"/>
|
||||
</Response>
|
||||
<!-- source: pattern://0600a4bbdea68c3aaa2fd10f -->
|
||||
<property name="content" value="file:///var/opt/nevisauth/default/conf/mockrelam_metadatamock.json"/>
|
||||
<!-- source: pattern://0600a4bbdea68c3aaa2fd10f -->
|
||||
<property name="contentType" value="application/json"/>
|
||||
<!-- source: pattern://0600a4bbdea68c3aaa2fd10f -->
|
||||
<property name="statusCode" value="200"/>
|
||||
</AuthState>
|
||||
<AuthState name="MockRelam_KlpApiMock" class="ch.nevis.esauth.auth.states.directResponse.DirectResponseState" final="true" resumeState="false">
|
||||
<!-- source: pattern://3f7b857b6d35114fcd8c4984 -->
|
||||
<Response value="AUTH_ERROR">
|
||||
<!-- source: pattern://3f7b857b6d35114fcd8c4984 -->
|
||||
<Gui name="none"/>
|
||||
</Response>
|
||||
<!-- source: pattern://3f7b857b6d35114fcd8c4984 -->
|
||||
<property name="content" value="file:///var/opt/nevisauth/default/conf/new_authentication_realm_new_json_response_step1.json"/>
|
||||
<property name="content" value="file:///var/opt/nevisauth/default/conf/mockrelam_klpapimock.json"/>
|
||||
<!-- source: pattern://3f7b857b6d35114fcd8c4984 -->
|
||||
<property name="contentType" value="application/json"/>
|
||||
<!-- source: pattern://3f7b857b6d35114fcd8c4984 -->
|
||||
<property name="statusCode" value="200"/>
|
||||
</AuthState>
|
||||
<AuthState name="New_Authentication_Realm_Selector" class="ch.nevis.esauth.auth.states.standard.ConditionalDispatcherState" final="false">
|
||||
<AuthState name="MockRelam_Selector" class="ch.nevis.esauth.auth.states.standard.ConditionalDispatcherState" final="false">
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<ResultCond name="nomatch" next="New_Authentication_Realm_Prepare_Done"/>
|
||||
<ResultCond name="nomatch" next="MockRelam_Prepare_Done"/>
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<Response value="AUTH_ERROR">
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<Arg name="ch.nevis.isiweb4.response.status" value="403"/>
|
||||
</Response>
|
||||
</AuthState>
|
||||
<AuthState name="New_Authentication_Realm_Prepare_Done" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
|
||||
<AuthState name="MockRelam_Prepare_Done" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<ResultCond name="default" next="New_Authentication_Realm_Auth_Done"/>
|
||||
<ResultCond name="default" next="MockRelam_Auth_Done"/>
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<Response value="AUTH_DONE">
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
|
|
@ -94,13 +120,126 @@
|
|||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<property name="script" value="file:///var/opt/nevisauth/default/conf/prepare_done.groovy"/>
|
||||
</AuthState>
|
||||
<AuthState name="New_Authentication_Realm_Auth_Done" class="ch.nevis.esauth.auth.states.standard.AuthDone" final="false">
|
||||
<AuthState name="MockRelam_Auth_Done" class="ch.nevis.esauth.auth.states.standard.AuthDone" final="false">
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<Response value="AUTH_DONE">
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<Gui name="ContinueResponse"/>
|
||||
</Response>
|
||||
</AuthState>
|
||||
<AuthState name="cossa_realm_TokenExchangeEndpoint" class="ch.adnovum.cossa.TokenExchangeEndpoint" authLevel="auth.weak" final="false" resumeState="true">
|
||||
<!-- source: pattern://89578db79d2bc15d55e11141 -->
|
||||
<ResultCond name="failed" next="cossa_realm_auth_failed"/>
|
||||
<!-- source: pattern://89578db79d2bc15d55e11141 -->
|
||||
<ResultCond name="ok" next="cossa_realm_IdTokenVerification"/>
|
||||
<!-- source: pattern://89578db79d2bc15d55e11141 -->
|
||||
<Response value="AUTH_CONTINUE">
|
||||
<!-- source: pattern://89578db79d2bc15d55e11141 -->
|
||||
<Gui name="Default"/>
|
||||
</Response>
|
||||
<!-- source: pattern://89578db79d2bc15d55e11141 -->
|
||||
<property name="clientId" value="client1"/>
|
||||
<!-- source: pattern://89578db79d2bc15d55e11141 -->
|
||||
<property name="clientSecret" value="clientPassword"/>
|
||||
</AuthState>
|
||||
<AuthState name="cossa_realm_auth_failed" class="ch.nevis.esauth.auth.states.standard.AuthError" final="false">
|
||||
<!-- source: pattern://72e29eb80a951e518ce123e4 -->
|
||||
<Response value="AUTH_ERROR">
|
||||
<!-- source: pattern://72e29eb80a951e518ce123e4 -->
|
||||
<Gui name="Error">
|
||||
<!-- source: pattern://72e29eb80a951e518ce123e4 -->
|
||||
<GuiElem name="info" type="error" label="error_99"/>
|
||||
<!-- source: pattern://72e29eb80a951e518ce123e4 -->
|
||||
<GuiElem name="submit" type="button" label="continue.button.label"/>
|
||||
</Gui>
|
||||
</Response>
|
||||
</AuthState>
|
||||
<AuthState name="cossa_realm_IdTokenVerification" class="ch.adnovum.cossa.IdTokenVerification" final="false" resumeState="false">
|
||||
<!-- source: pattern://a976546c6a56dc04c0d34592 -->
|
||||
<ResultCond name="failed" next="cossa_realm_Authentication_Failed"/>
|
||||
<!-- source: pattern://a976546c6a56dc04c0d34592 -->
|
||||
<ResultCond name="ok" next="cossa_realm_CallRestApi"/>
|
||||
<!-- source: pattern://a976546c6a56dc04c0d34592 -->
|
||||
<Response value="AUTH_CONTINUE">
|
||||
<!-- source: pattern://a976546c6a56dc04c0d34592 -->
|
||||
<Gui name="Default"/>
|
||||
</Response>
|
||||
<!-- source: pattern://a976546c6a56dc04c0d34592 -->
|
||||
<property name="Issuer" value="https://login.sandbox.pre.swissid.ch:443/idp/oauth2"/>
|
||||
<!-- source: pattern://a976546c6a56dc04c0d34592 -->
|
||||
<property name="clientId" value="klp-client"/>
|
||||
<!-- source: pattern://a976546c6a56dc04c0d34592 -->
|
||||
<property name="jwkSetURL" value="https://login.sandbox.pre.swissid.ch/idp/oauth2/connect/jwk_uri"/>
|
||||
<!-- source: pattern://a976546c6a56dc04c0d34592 -->
|
||||
<property name="httpclient.tls.trustAll" value="true"/>
|
||||
</AuthState>
|
||||
<AuthState name="cossa_realm_Authentication_Failed" class="ch.nevis.esauth.auth.states.standard.AuthError" final="false">
|
||||
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79, pattern://a976546c6a56dc04c0d34592 -->
|
||||
<Response value="AUTH_ERROR">
|
||||
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79, pattern://a976546c6a56dc04c0d34592 -->
|
||||
<Gui name="Error">
|
||||
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79, pattern://a976546c6a56dc04c0d34592 -->
|
||||
<GuiElem name="info" type="error" label="error_99"/>
|
||||
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79, pattern://a976546c6a56dc04c0d34592 -->
|
||||
<GuiElem name="submit" type="button" label="continue.button.label"/>
|
||||
</Gui>
|
||||
</Response>
|
||||
</AuthState>
|
||||
<AuthState name="cossa_realm_CallRestApi" class="ch.adnovum.cossa.CallPolicyVerificationAPI" final="false" resumeState="false">
|
||||
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
|
||||
<ResultCond name="failed" next="cossa_realm_Authentication_Failed"/>
|
||||
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
|
||||
<ResultCond name="ok" next="cossa_realm_JwtToken"/>
|
||||
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
|
||||
<Response value="AUTH_CONTINUE">
|
||||
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
|
||||
<Gui name="Default"/>
|
||||
</Response>
|
||||
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
|
||||
<property name="Issuer" value="https://login.sandbox.pre.swissid.ch:443/idp/oauth2"/>
|
||||
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
|
||||
<property name="clientId" value="klp-client"/>
|
||||
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
|
||||
<property name="jwkSetURL" value="https://klp.agov-w.azure.adnovum.net/api/endpoint"/>
|
||||
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
|
||||
<property name="httpclient.tls.trustAll" value="true"/>
|
||||
</AuthState>
|
||||
<AuthState name="cossa_realm_JwtToken" class="ch.nevis.esauth.auth.states.jwt.JWTToken" final="false" resumeState="true">
|
||||
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
|
||||
<ResultCond name="ok" next="cossa_realm_Prepare_Done"/>
|
||||
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
|
||||
<Response value="AUTH_ERROR"/>
|
||||
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
|
||||
<property name="out.audience" value="https://www.adnovum.ch"/>
|
||||
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
|
||||
<property name="out.issuer" value="https://my.nevis.server"/>
|
||||
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
|
||||
<property name="out.time_to_live" value="86400"/>
|
||||
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
|
||||
<property name="token.algorithm" value="RS256"/>
|
||||
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
|
||||
<property name="keystoreref" value="JwtToken"/>
|
||||
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
|
||||
<property name="keyobjectref" value="tokensigner"/>
|
||||
</AuthState>
|
||||
<AuthState name="cossa_realm_Prepare_Done" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<ResultCond name="default" next="cossa_realm_Auth_Done"/>
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<Response value="AUTH_DONE">
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<Gui name="ContinueResponse"/>
|
||||
</Response>
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<property name="script" value="file:///var/opt/nevisauth/default/conf/prepare_done.groovy"/>
|
||||
</AuthState>
|
||||
<AuthState name="cossa_realm_Auth_Done" class="ch.nevis.esauth.auth.states.standard.AuthDone" final="false">
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<Response value="AUTH_DONE">
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<Gui name="ContinueResponse"/>
|
||||
</Response>
|
||||
</AuthState>
|
||||
<AuthState name="cossa_realm_AuthorizationServer" class="ch.nevis.esauth.auth.states.oauth2.AuthorizationServer" final="false" resumeState="true">
|
||||
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
|
||||
<ResultCond name="authenticate:valid-authorization-request" next="cossa_realm_New_Test_Login"/>
|
||||
|
|
@ -227,54 +366,6 @@
|
|||
<!-- source: pattern://635e4d617af6818edc9ae7c9 -->
|
||||
<property name="script" value="file:///var/opt/nevisauth/default/conf/new_test_login.groovy"/>
|
||||
</AuthState>
|
||||
<AuthState name="cossa_realm_auth_failed" class="ch.nevis.esauth.auth.states.standard.AuthError" final="false">
|
||||
<!-- source: pattern://72e29eb80a951e518ce123e4 -->
|
||||
<Response value="AUTH_ERROR">
|
||||
<!-- source: pattern://72e29eb80a951e518ce123e4 -->
|
||||
<Gui name="Error">
|
||||
<!-- source: pattern://72e29eb80a951e518ce123e4 -->
|
||||
<GuiElem name="info" type="error" label="error_99"/>
|
||||
<!-- source: pattern://72e29eb80a951e518ce123e4 -->
|
||||
<GuiElem name="submit" type="button" label="continue.button.label"/>
|
||||
</Gui>
|
||||
</Response>
|
||||
</AuthState>
|
||||
<AuthState name="cossa_realm_JwtToken" class="ch.nevis.esauth.auth.states.jwt.JWTToken" final="false" resumeState="true">
|
||||
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
|
||||
<ResultCond name="ok" next="cossa_realm_Prepare_Done"/>
|
||||
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
|
||||
<Response value="AUTH_ERROR"/>
|
||||
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
|
||||
<property name="out.audience" value="https://www.adnovum.ch"/>
|
||||
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
|
||||
<property name="out.issuer" value="https://my.nevis.server"/>
|
||||
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
|
||||
<property name="out.time_to_live" value="86400"/>
|
||||
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
|
||||
<property name="token.algorithm" value="RS256"/>
|
||||
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
|
||||
<property name="keystoreref" value="JwtToken"/>
|
||||
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
|
||||
<property name="keyobjectref" value="tokensigner"/>
|
||||
</AuthState>
|
||||
<AuthState name="cossa_realm_Prepare_Done" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<ResultCond name="default" next="cossa_realm_Auth_Done"/>
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<Response value="AUTH_DONE">
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<Gui name="ContinueResponse"/>
|
||||
</Response>
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<property name="script" value="file:///var/opt/nevisauth/default/conf/prepare_done.groovy"/>
|
||||
</AuthState>
|
||||
<AuthState name="cossa_realm_Auth_Done" class="ch.nevis.esauth.auth.states.standard.AuthDone" final="false">
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<Response value="AUTH_DONE">
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<Gui name="ContinueResponse"/>
|
||||
</Response>
|
||||
</AuthState>
|
||||
<AuthState name="cossa_realm_Selector" class="ch.nevis.esauth.auth.states.standard.ConditionalDispatcherState" final="false">
|
||||
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
|
||||
<ResultCond name="nomatch" next="cossa_realm_Prepare_Done"/>
|
||||
|
|
|
|||
|
|
@ -0,0 +1,404 @@
|
|||
{
|
||||
"Client":[
|
||||
{
|
||||
"id":"Client_69d3027cf5ae36b9e2b18cc9cfd9f0fe",
|
||||
"owner":"andrea",
|
||||
"name":"fake-openid",
|
||||
"link":"rest/modules/oauthv2/setups/Setup_b00528a7a0edc1df1a6b95240d704600/entities/Client_69d3027cf5ae36b9e2b18cc9cfd9f0fe",
|
||||
"meta":[
|
||||
{
|
||||
"name":"klp_application",
|
||||
"value":"fakemobileoauth"
|
||||
}
|
||||
],
|
||||
"otherAttributes":{
|
||||
"client_name#de":"Fake OpenID de",
|
||||
"client_name#fr":"Fake OpenID fr",
|
||||
"client_name#it":"Fake OpenID it",
|
||||
"client_name":"Fake OpenID en"
|
||||
},
|
||||
"scopes":[
|
||||
{
|
||||
"value":"MONITOR",
|
||||
"resource_id":"ResourceServer_ea7d36ec2adb5857de7dda7cbbbbbbd8",
|
||||
"resource_name":"MONITORING-AGB"
|
||||
},
|
||||
{
|
||||
"value":"address",
|
||||
"resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"resource_name":"UserInfo"
|
||||
},
|
||||
{
|
||||
"value":"birthdate",
|
||||
"resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"resource_name":"UserInfo"
|
||||
},
|
||||
{
|
||||
"value":"email",
|
||||
"resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"resource_name":"UserInfo"
|
||||
},
|
||||
{
|
||||
"value":"name",
|
||||
"resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"resource_name":"UserInfo"
|
||||
},
|
||||
{
|
||||
"value":"no_consent_required",
|
||||
"resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"resource_name":"UserInfo"
|
||||
},
|
||||
{
|
||||
"value":"offline_access",
|
||||
"resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"resource_name":"UserInfo"
|
||||
},
|
||||
{
|
||||
"value":"openid",
|
||||
"resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"resource_name":"UserInfo"
|
||||
},
|
||||
{
|
||||
"value":"phone",
|
||||
"resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"resource_name":"UserInfo"
|
||||
},
|
||||
{
|
||||
"value":"phone_number",
|
||||
"resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"resource_name":"UserInfo"
|
||||
},
|
||||
{
|
||||
"value":"profile",
|
||||
"resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"resource_name":"UserInfo"
|
||||
}
|
||||
],
|
||||
"contacts":[
|
||||
"br, g, o, io"
|
||||
],
|
||||
"valid_from":"2023-10-04T12:58:16.000Z",
|
||||
"redirect_uris":[
|
||||
"http://vkld02.pnet.ch:7024/obtainingTokens",
|
||||
"https://fakeextint1.post.ch/openid/obtainingTokens"
|
||||
],
|
||||
"response_types":[
|
||||
"code"
|
||||
],
|
||||
"grant_types":[
|
||||
"authorization_code",
|
||||
"refresh_token"
|
||||
],
|
||||
"client_id":"fake-openid",
|
||||
"client_secret":"fake-openid-secret",
|
||||
"client_uri":"https://iam.post.ch",
|
||||
"default_max_age":-1,
|
||||
"confidentiality_type":"confidential",
|
||||
"pkce_mode":"allowed",
|
||||
"require_auth_time":false,
|
||||
"token_endpoint_auth_method":"client_secret_basic",
|
||||
"jwks_uri":"",
|
||||
"logo_uri":"/login/resources/nevislogrend/applications/def/webdata/images/openid_connect.png",
|
||||
"access_token_ttl":30,
|
||||
"id_token_ttl":600,
|
||||
"refresh_token_ttl":86400,
|
||||
"presisted_consent_ttl":31104000,
|
||||
"force_authentication":false,
|
||||
"require_pushed_authorization_requests":false,
|
||||
"id_token_signed_response_alg":"RS256",
|
||||
"id_token_encrypted_response_alg":"none",
|
||||
"id_token_encrypted_response_enc":"none"
|
||||
},
|
||||
{
|
||||
"id":"Client_69d3027cf5ae36b9e2b18cc9cfd9f0fd",
|
||||
"owner":"pippo",
|
||||
"name":"COSSA - Monitoring Client",
|
||||
"link":"rest/modules/oauthv2/setups/Setup_b00528a7a0edc1df1a6b95240d704600/entities/Client_69d3027cf5ae36b9e2b18cc9cfd9f0fd",
|
||||
"meta":[
|
||||
{
|
||||
"name":"klp_application",
|
||||
"value":"cossa"
|
||||
},
|
||||
{
|
||||
"name":"test_monitor_meta",
|
||||
"value":"aaa"
|
||||
},
|
||||
{
|
||||
"name":"Shop_DebiNr",
|
||||
"value":"11111111111"
|
||||
}
|
||||
],
|
||||
"otherAttributes":{
|
||||
"client_name#de":"Fake OpenID de",
|
||||
"client_name#fr":"Fake OpenID fr",
|
||||
"client_name#it":"Fake OpenID it",
|
||||
"client_name":"Fake OpenID en"
|
||||
},
|
||||
"scopes":[
|
||||
{
|
||||
"value":"MONITOR",
|
||||
"resource_id":"ResourceServer_ea7d36ec2adb5857de7dda7cbbbbbbd8",
|
||||
"resource_name":"MONITORING-AGB"
|
||||
},
|
||||
{
|
||||
"value":"address",
|
||||
"resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"resource_name":"UserInfo"
|
||||
},
|
||||
{
|
||||
"value":"birthdate",
|
||||
"resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"resource_name":"UserInfo"
|
||||
},
|
||||
{
|
||||
"value":"email",
|
||||
"resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"resource_name":"UserInfo"
|
||||
},
|
||||
{
|
||||
"value":"name",
|
||||
"resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"resource_name":"UserInfo"
|
||||
},
|
||||
{
|
||||
"value":"no_consent_required",
|
||||
"resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"resource_name":"UserInfo"
|
||||
},
|
||||
{
|
||||
"value":"offline_access",
|
||||
"resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"resource_name":"UserInfo"
|
||||
},
|
||||
{
|
||||
"value":"openid",
|
||||
"resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"resource_name":"UserInfo"
|
||||
},
|
||||
{
|
||||
"value":"phone",
|
||||
"resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"resource_name":"UserInfo"
|
||||
},
|
||||
{
|
||||
"value":"phone_number",
|
||||
"resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"resource_name":"UserInfo"
|
||||
},
|
||||
{
|
||||
"value":"profile",
|
||||
"resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"resource_name":"UserInfo"
|
||||
}
|
||||
],
|
||||
"contacts":[
|
||||
"pippo"
|
||||
],
|
||||
"valid_from":"2023-10-04T12:58:16.000Z",
|
||||
"redirect_uris":[
|
||||
"http://iam.post.ch/monitoring/cossa",
|
||||
"https://iam.post.ch/monitoring/back",
|
||||
"https://test.post.ch/pippo/back"
|
||||
],
|
||||
"response_types":[
|
||||
"code"
|
||||
],
|
||||
"grant_types":[
|
||||
"authorization_code",
|
||||
"client_credentials",
|
||||
"refresh_token"
|
||||
],
|
||||
"client_id":"14c3890f8d8f4da3efdd61d29f24caa3",
|
||||
"client_secret":"e6678df835d5e1a6b45f4acbe3467ec2",
|
||||
"client_uri":"https://iam.post.ch",
|
||||
"default_max_age":-1,
|
||||
"confidentiality_type":"confidential",
|
||||
"pkce_mode":"allowed",
|
||||
"require_auth_time":false,
|
||||
"token_endpoint_auth_method":"client_secret_basic",
|
||||
"jwks_uri":"",
|
||||
"logo_uri":"/login/resources/nevislogrend/applications/def/webdata/images/openid_connect.png",
|
||||
"access_token_ttl":30,
|
||||
"id_token_ttl":600,
|
||||
"refresh_token_ttl":86400,
|
||||
"presisted_consent_ttl":31104000,
|
||||
"force_authentication":false,
|
||||
"require_pushed_authorization_requests":false,
|
||||
"id_token_signed_response_alg":"RS256",
|
||||
"id_token_encrypted_response_alg":"none",
|
||||
"id_token_encrypted_response_enc":"none"
|
||||
}
|
||||
],
|
||||
"ResourceServer":[
|
||||
{
|
||||
"id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"owner":"oly",
|
||||
"name":"UserInfo",
|
||||
"link":"rest/modules/oauthv2/setups/Setup_b00528a7a0edc1df1a6b95240d704600/entities/ResourceServer_561f4822c98d39267d95d3d62502e70f",
|
||||
"meta":[
|
||||
|
||||
],
|
||||
"otherAttributes":{
|
||||
|
||||
},
|
||||
"scope":[
|
||||
{
|
||||
"value":"address",
|
||||
"otherAttributes":{
|
||||
"scope_name#fr":"Adresse",
|
||||
"scope_name#it":"Indirizzo",
|
||||
"scope_name#de":"Addresse",
|
||||
"scope_description":"http://openid.com",
|
||||
"scope_name#en":"Address"
|
||||
},
|
||||
"implicit_grant_policy":"disallowed",
|
||||
"authorization_grant_policy":"consent_persisted",
|
||||
"refresh_token_grant_policy":"no_consent_required",
|
||||
"authentication_required":false
|
||||
},
|
||||
{
|
||||
"value":"birthdate",
|
||||
"otherAttributes":{
|
||||
"scope_name#fr":"Anniversaire",
|
||||
"scope_name#it":"Data di nascita",
|
||||
"scope_name#de":"Geburtstag",
|
||||
"scope_name#en":"Birthday"
|
||||
},
|
||||
"implicit_grant_policy":"disallowed",
|
||||
"authorization_grant_policy":"consent_persisted",
|
||||
"refresh_token_grant_policy":"no_consent_required",
|
||||
"authentication_required":false
|
||||
},
|
||||
{
|
||||
"value":"email",
|
||||
"otherAttributes":{
|
||||
"scope_name#fr":"Adresse e-mail",
|
||||
"scope_name#it":"E-Mail",
|
||||
"scope_name#de":"E-Mail",
|
||||
"scope_description":"http://openid.com",
|
||||
"scope_name#en":"E-mail address"
|
||||
},
|
||||
"implicit_grant_policy":"disallowed",
|
||||
"authorization_grant_policy":"consent_persisted",
|
||||
"refresh_token_grant_policy":"no_consent_required",
|
||||
"authentication_required":false
|
||||
},
|
||||
{
|
||||
"value":"name",
|
||||
"otherAttributes":{
|
||||
"scope_name#fr":"Nom, Prénom",
|
||||
"scope_name#it":"Cognome, Nome",
|
||||
"scope_name#de":"Name, Vorname",
|
||||
"scope_description":"Name",
|
||||
"scope_name#en":"Last name, First name"
|
||||
},
|
||||
"implicit_grant_policy":"disallowed",
|
||||
"authorization_grant_policy":"consent_persisted",
|
||||
"refresh_token_grant_policy":"no_consent_required",
|
||||
"authentication_required":false
|
||||
},
|
||||
{
|
||||
"value":"no_consent_required",
|
||||
"otherAttributes":{
|
||||
|
||||
},
|
||||
"implicit_grant_policy":"disallowed",
|
||||
"authorization_grant_policy":"no_consent_required",
|
||||
"refresh_token_grant_policy":"no_consent_required",
|
||||
"authentication_required":false
|
||||
},
|
||||
{
|
||||
"value":"offline_access",
|
||||
"otherAttributes":{
|
||||
|
||||
},
|
||||
"implicit_grant_policy":"disallowed",
|
||||
"authorization_grant_policy":"no_consent_required",
|
||||
"refresh_token_grant_policy":"no_consent_required",
|
||||
"authentication_required":false
|
||||
},
|
||||
{
|
||||
"value":"openid",
|
||||
"otherAttributes":{
|
||||
|
||||
},
|
||||
"implicit_grant_policy":"disallowed",
|
||||
"authorization_grant_policy":"consent_persisted",
|
||||
"refresh_token_grant_policy":"no_consent_required",
|
||||
"authentication_required":false
|
||||
},
|
||||
{
|
||||
"value":"phone",
|
||||
"otherAttributes":{
|
||||
"scope_name#fr":"Numéro de telefone",
|
||||
"scope_name#it":"Numero di telefono",
|
||||
"scope_name#de":"Telefonnummer",
|
||||
"scope_description":"User Phone number",
|
||||
"scope_name#en":"Phone number"
|
||||
},
|
||||
"implicit_grant_policy":"disallowed",
|
||||
"authorization_grant_policy":"consent_persisted",
|
||||
"refresh_token_grant_policy":"no_consent_required",
|
||||
"authentication_required":false
|
||||
},
|
||||
{
|
||||
"value":"phone_number",
|
||||
"otherAttributes":{
|
||||
"scope_name#fr":"Numéro de mobile",
|
||||
"scope_name#it":"Numero di cellulare",
|
||||
"scope_name#de":"Mobiltelefonnummer",
|
||||
"scope_description":"User Phone number",
|
||||
"scope_name#en":"Mobile phone number"
|
||||
},
|
||||
"implicit_grant_policy":"disallowed",
|
||||
"authorization_grant_policy":"consent_persisted",
|
||||
"refresh_token_grant_policy":"no_consent_required",
|
||||
"authentication_required":false
|
||||
},
|
||||
{
|
||||
"value":"profile",
|
||||
"otherAttributes":{
|
||||
"scope_name#fr":"Nom, Prénom",
|
||||
"scope_name#it":"Cognome, Nome",
|
||||
"scope_name#de":"Name, Vorname",
|
||||
"scope_description":"http://openid.com",
|
||||
"scope_name#en":"Last name, First name"
|
||||
},
|
||||
"implicit_grant_policy":"disallowed",
|
||||
"authorization_grant_policy":"consent_persisted",
|
||||
"refresh_token_grant_policy":"no_consent_required",
|
||||
"authentication_required":false
|
||||
}
|
||||
],
|
||||
"valid_from":"2023-10-04T12:51:06.000Z",
|
||||
"url":"https://apidev.pnet.ch/UserInfo"
|
||||
},
|
||||
{
|
||||
"id":"ResourceServer_ea7d36ec2adb5857de7dda7cbbbbbbd8",
|
||||
"owner":"oly",
|
||||
"name":"MONITORING-AGB",
|
||||
"link":"rest/modules/oauthv2/setups/Setup_b00528a7a0edc1df1a6b95240d704600/entities/ResourceServer_ea7d36ec2adb5857de7dda7cbbbbbbd8",
|
||||
"meta":[
|
||||
|
||||
],
|
||||
"otherAttributes":{
|
||||
|
||||
},
|
||||
"scope":[
|
||||
{
|
||||
"value":"MONITOR",
|
||||
"otherAttributes":{
|
||||
"scope_description":"Monitoring platform test",
|
||||
"scope_name":"Monitoring platform test"
|
||||
},
|
||||
"implicit_grant_policy":"no_consent_required",
|
||||
"authorization_grant_policy":"no_consent_required",
|
||||
"refresh_token_grant_policy":"no_consent_required",
|
||||
"authentication_required":false
|
||||
}
|
||||
],
|
||||
"valid_from":"2023-10-04T12:53:59.000Z",
|
||||
"url":"https://www.post.ch/oauth/terms"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
@ -44,7 +44,7 @@ spec:
|
|||
podDisruptionBudget:
|
||||
maxUnavailable: "50%"
|
||||
git:
|
||||
tag: "r-78eeff8d6ba71dc7ed7e87ff6d31c337e0e5aafd"
|
||||
tag: "r-46aac91ab16767e23a153cac7cf841ccf43f23a5"
|
||||
dir: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli"
|
||||
credentials: "git-credentials"
|
||||
podSecurity:
|
||||
|
|
|
|||
|
Before Width: | Height: | Size: 769 B After Width: | Height: | Size: 769 B |
|
Before Width: | Height: | Size: 585 B After Width: | Height: | Size: 585 B |
|
Before Width: | Height: | Size: 386 B After Width: | Height: | Size: 386 B |
|
Before Width: | Height: | Size: 2.4 KiB After Width: | Height: | Size: 2.4 KiB |
|
Before Width: | Height: | Size: 1.3 KiB After Width: | Height: | Size: 1.3 KiB |
|
Before Width: | Height: | Size: 347 B After Width: | Height: | Size: 347 B |
|
Before Width: | Height: | Size: 1.2 KiB After Width: | Height: | Size: 1.2 KiB |
|
Before Width: | Height: | Size: 9.5 KiB After Width: | Height: | Size: 9.5 KiB |
|
Before Width: | Height: | Size: 68 KiB After Width: | Height: | Size: 68 KiB |
|
|
@ -46,21 +46,21 @@ spec:
|
|||
podDisruptionBudget:
|
||||
maxUnavailable: "50%"
|
||||
git:
|
||||
tag: "r-78eeff8d6ba71dc7ed7e87ff6d31c337e0e5aafd"
|
||||
tag: "r-46aac91ab16767e23a153cac7cf841ccf43f23a5"
|
||||
dir: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi"
|
||||
credentials: "git-credentials"
|
||||
keystores:
|
||||
- "npi-3b41ca4ca1c4028117d16f5b"
|
||||
- "npi-23dc4a9fcc79a12d82662747"
|
||||
- "npi-new-authentication-realm-identity"
|
||||
- "npi-keystore-proxy-auth"
|
||||
- "npi-mockrelam-identity"
|
||||
- "npi-cossa-realm-identity"
|
||||
truststores:
|
||||
- "npi-trsutstore-proxy-auth"
|
||||
- "npi-mockrelam-tls-trust"
|
||||
- "npi-mockrelam-signer-trust"
|
||||
- "npi-cossa-realm-signer-trust"
|
||||
- "npi-new-authentication-realm-tls-trust"
|
||||
- "npi-cossa-realm-tls-trust"
|
||||
- "npi-new-authentication-realm-signer-trust"
|
||||
ingresses:
|
||||
- "npi"
|
||||
podSecurity:
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
apiVersion: "operator.nevis-security.ch/v1"
|
||||
kind: "NevisKeyStore"
|
||||
metadata:
|
||||
name: "npi-new-authentication-realm-identity"
|
||||
name: "npi-mockrelam-identity"
|
||||
namespace: "adn-postit-tknxchng-01-dev"
|
||||
labels:
|
||||
deploymentTarget: "npi"
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
apiVersion: "operator.nevis-security.ch/v1"
|
||||
kind: "NevisTrustStore"
|
||||
metadata:
|
||||
name: "npi-new-authentication-realm-signer-trust"
|
||||
name: "npi-mockrelam-signer-trust"
|
||||
namespace: "adn-postit-tknxchng-01-dev"
|
||||
labels:
|
||||
deploymentTarget: "npi"
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
apiVersion: "operator.nevis-security.ch/v1"
|
||||
kind: "NevisTrustStore"
|
||||
metadata:
|
||||
name: "npi-new-authentication-realm-tls-trust"
|
||||
name: "npi-mockrelam-tls-trust"
|
||||
namespace: "adn-postit-tknxchng-01-dev"
|
||||
labels:
|
||||
deploymentTarget: "npi"
|
||||
|
|
@ -4,16 +4,16 @@
|
|||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<context-param>
|
||||
<param-name>SectokenVerifierCert</param-name>
|
||||
<param-value>/var/opt/keys/trust/npi-new-authentication-realm-signer-trust/truststore.pem</param-value>
|
||||
<param-value>/var/opt/keys/trust/npi-mockrelam-signer-trust/truststore.pem</param-value>
|
||||
</context-param>
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171, pattern://92e282d1dc2b69d9e4f91fc0 -->
|
||||
<filter>
|
||||
<filter-name>Authentication_New_Authentication_Realm</filter-name>
|
||||
<filter-name>Authentication_MockRelam</filter-name>
|
||||
<filter-class>ch::nevis::isiweb4::filter::auth::IdentityCreationFilter</filter-class>
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<init-param>
|
||||
<param-name>AuthenticationServlet</param-name>
|
||||
<param-value>Connector_New_Authentication_Realm</param-value>
|
||||
<param-value>Connector_MockRelam</param-value>
|
||||
</init-param>
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<init-param>
|
||||
|
|
@ -38,7 +38,7 @@
|
|||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<init-param>
|
||||
<param-name>Realm</param-name>
|
||||
<param-value>New_Authentication_Realm</param-value>
|
||||
<param-value>MockRelam</param-value>
|
||||
</init-param>
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<init-param>
|
||||
|
|
@ -48,7 +48,7 @@
|
|||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<init-param>
|
||||
<param-name>StateKey</param-name>
|
||||
<param-value>New_Authentication_Realm</param-value>
|
||||
<param-value>MockRelam</param-value>
|
||||
</init-param>
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<init-param>
|
||||
|
|
@ -95,7 +95,7 @@
|
|||
</filter>
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171, pattern://92e282d1dc2b69d9e4f91fc0 -->
|
||||
<filter>
|
||||
<filter-name>SessionHandler_New_Authentication_Realm</filter-name>
|
||||
<filter-name>SessionHandler_MockRelam</filter-name>
|
||||
<filter-class>ch::nevis::nevisproxy::filter::session::SessionManagementFilter</filter-class>
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<init-param>
|
||||
|
|
@ -105,7 +105,7 @@
|
|||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<init-param>
|
||||
<param-name>Cookie.Name</param-name>
|
||||
<param-value>Session_New_Authentication_Realm</param-value>
|
||||
<param-value>Session_MockRelam</param-value>
|
||||
</init-param>
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<init-param>
|
||||
|
|
@ -150,13 +150,13 @@
|
|||
</filter-mapping>
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171, pattern://92e282d1dc2b69d9e4f91fc0 -->
|
||||
<filter-mapping>
|
||||
<filter-name>SessionHandler_New_Authentication_Realm</filter-name>
|
||||
<filter-name>SessionHandler_MockRelam</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
<exclude-url-regex>^/errorpages.*$|^/favicon.ico$|^/hallo.txt$|^/index.html$|^/nevislogrend/.*$|^/resources.*$</exclude-url-regex>
|
||||
</filter-mapping>
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171, pattern://92e282d1dc2b69d9e4f91fc0 -->
|
||||
<filter-mapping>
|
||||
<filter-name>Authentication_New_Authentication_Realm</filter-name>
|
||||
<filter-name>Authentication_MockRelam</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
<exclude-url-regex>^/errorpages.*$|^/favicon.ico$|^/hallo.txt$|^/index.html$|^/nevislogrend/.*$|^/resources.*$</exclude-url-regex>
|
||||
</filter-mapping>
|
||||
|
|
@ -166,7 +166,7 @@
|
|||
</listener>
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<servlet>
|
||||
<servlet-name>Connector_New_Authentication_Realm</servlet-name>
|
||||
<servlet-name>Connector_MockRelam</servlet-name>
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<servlet-class>ch::nevis::isiweb4::servlet::connector::soap::esauth4::Esauth4ConnectorServlet</servlet-class>
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
|
|
@ -197,7 +197,7 @@
|
|||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<init-param>
|
||||
<param-name>Transport.SSLCACertificateFile</param-name>
|
||||
<param-value>/var/opt/keys/trust/npi-new-authentication-realm-tls-trust/truststore.pem</param-value>
|
||||
<param-value>/var/opt/keys/trust/npi-mockrelam-tls-trust/truststore.pem</param-value>
|
||||
</init-param>
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<init-param>
|
||||
|
|
@ -207,12 +207,12 @@
|
|||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<init-param>
|
||||
<param-name>Transport.SSLClientCertificateFile</param-name>
|
||||
<param-value>/var/opt/keys/own/npi-new-authentication-realm-identity/cert.pem</param-value>
|
||||
<param-value>/var/opt/keys/own/npi-mockrelam-identity/cert.pem</param-value>
|
||||
</init-param>
|
||||
<!-- source: pattern://8523f0587aa8cfa7008f8171 -->
|
||||
<init-param>
|
||||
<param-name>Transport.SSLClientKeyFile</param-name>
|
||||
<param-value>/var/opt/keys/own/npi-new-authentication-realm-identity/key.pem</param-value>
|
||||
<param-value>/var/opt/keys/own/npi-mockrelam-identity/key.pem</param-value>
|
||||
</init-param>
|
||||
</servlet>
|
||||
<!-- source: pattern://8a4997cddc02803b920c8ee9 -->
|
||||
|
|
|
|||
Loading…
Reference in New Issue