diff --git a/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/etc/nevis/k8s-nai-6ec6739e824c8e56d9633622.yaml b/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/etc/nevis/k8s-nai-6ec6739e824c8e56d9633622.yaml
index 21e80ab..12223b8 100644
--- a/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/etc/nevis/k8s-nai-6ec6739e824c8e56d9633622.yaml
+++ b/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/etc/nevis/k8s-nai-6ec6739e824c8e56d9633622.yaml
@@ -45,7 +45,7 @@ spec:
podDisruptionBudget:
maxUnavailable: "50%"
git:
- tag: "r-60b9ba22a67a26f8264776b83cc5f5017ab48294"
+ tag: "r-3e8d88fa89e49665fa5a0637bd4c7a9775c40543"
dir: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai"
credentials: "git-credentials"
keystores:
diff --git a/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/esauth4.xml b/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/esauth4.xml
index 00d67fd..f257f33 100644
--- a/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/esauth4.xml
+++ b/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/esauth4.xml
@@ -143,7 +143,7 @@
-
+
diff --git a/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/etc/nevis/k8s-npi-92e282d1dc2b69d9e4f91fc0.yaml b/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/etc/nevis/k8s-npi-92e282d1dc2b69d9e4f91fc0.yaml
index 216d59b..c9a2fc6 100644
--- a/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/etc/nevis/k8s-npi-92e282d1dc2b69d9e4f91fc0.yaml
+++ b/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/etc/nevis/k8s-npi-92e282d1dc2b69d9e4f91fc0.yaml
@@ -46,7 +46,7 @@ spec:
podDisruptionBudget:
maxUnavailable: "50%"
git:
- tag: "r-60b9ba22a67a26f8264776b83cc5f5017ab48294"
+ tag: "r-3e8d88fa89e49665fa5a0637bd4c7a9775c40543"
dir: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi"
credentials: "git-credentials"
keystores:
diff --git a/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/host-cossa.agov-w.azure.adnovum.net/WEB-INF/web.xml b/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/host-cossa.agov-w.azure.adnovum.net/WEB-INF/web.xml
index acf07a4..0cc199b 100644
--- a/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/host-cossa.agov-w.azure.adnovum.net/WEB-INF/web.xml
+++ b/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/host-cossa.agov-w.azure.adnovum.net/WEB-INF/web.xml
@@ -1,72 +1,11 @@
-
+
SectokenVerifierCert
- /var/opt/keys/trust/npi-cossa-realm-signer-trust/truststore.pem
-/var/opt/keys/trust/npi-mockrelam-signer-trust/truststore.pem
+ /var/opt/keys/trust/npi-cossa-realm-signer-trust/truststore.pem
-
-
- AuthenticationService_MockRelam
- ch::nevis::isiweb4::filter::auth::IdentityCreationFilter
-
-
- AuthenticationServlet
- Connector_MockRelam
-
-
-
- BodyReadSize
- 32768
-
-
-
- EntryPointID
- cossa.agov-w.azure.adnovum.net
-
-
-
- InactiveInterval
- 7200
-
-
-
- InterceptionRedirect
- never
-
-
-
- LoginRendererServlet
- LoginRenderer_nli
-
-
-
- Realm
- MockRelam
-
-
-
- RecheckAuthentication
- On
-
-
-
- RenewIdentification
- true
-
-
-
- StateKey
- MockRelam
-
-
-
- StoreInterceptedRequest
- false
-
-
AuthenticationService_cossa_realm
@@ -160,33 +99,6 @@
/var/opt/nevisproxy/default/host-cossa.agov-w.azure.adnovum.net/WEB-INF/security_cossa_realm_tokenintrospection.conf
-
-
- OAuth_Preflighted_CORS_New OAuth 2.0 Authorization Server / OpenID Provider
- ch::nevis::isiweb4::filter::lua::LuaFilter
-
-
- Script
-
- function inputHeader(request, response)
- response:setHeader("Access-Control-Allow-Origin", "*")
- response:setHeader("Access-Control-Allow-Credentials", "true")
- response:setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, OPTIONS")
- response:setHeader("Access-Control-Allow-Headers", "Authorization")
- response:setHeader("Access-Control-Expose-Headers", "*")
- response:setHeader("Access-Control-Max-Age", "600")
- if request:getMethod() == "OPTIONS" then
- response:send(204)
- end
- end
-
-
-
-
- Script.InputHeaderFunctionName
- inputHeader
-
-
Qos
@@ -216,51 +128,6 @@
-
-
- SessionHandler_MockRelam
- ch::nevis::nevisproxy::filter::session::SessionManagementFilter
-
-
- Cookie.ExtraAttributes
- SameSite=None
-
-
-
- Cookie.Name
- Session_MockRelam
-
-
-
- Cookie.Secure
- true
-
-
-
- Identification
- COOKIE
-
-
-
- MaxInactiveInterval
- 600
-
-
-
- MaxLifetime
- 28800
-
-
-
- Servlet
- LocalSessionStoreServlet
-
-
-
- UpdateTimeStampMinInterval
- 120
-
-
SessionHandler_cossa_realm
@@ -321,26 +188,6 @@
SessionHandler_cossa_realm
/token/*
-
-
- OAuth_Preflighted_CORS_New OAuth 2.0 Authorization Server / OpenID Provider
- /asdf/*
-
-
-
- OAuth_Preflighted_CORS_New OAuth 2.0 Authorization Server / OpenID Provider
- /qwert/*
-
-
-
- SessionHandler_MockRelam
- /asdf/*
-
-
-
- SessionHandler_MockRelam
- /qwert/*
-
ModSecurity_cossa_realm_TokenIntrospection
@@ -351,71 +198,10 @@
AuthenticationService_cossa_realm
/token/*
-
-
- AuthenticationService_MockRelam
- /asdf/*
-
-
-
- AuthenticationService_MockRelam
- /qwert/*
-
-
+
ch::nevis::isiweb4::listener::SessionListener
-
-
- Connector_MockRelam
-
- ch::nevis::isiweb4::servlet::connector::soap::esauth4::Esauth4ConnectorServlet
-
-
- Transport.DNSCache.ttl
- 60
-
-
-
- Transport.InetAddress
- nai:8991
-
-
-
- Transport.KeepAlive.LifeTime
- 30
-
-
-
- Transport.RequestTimeout
- 90000
-
-
-
- Transport.ResourceManager.RetryTimeout
- 0
-
-
-
- Transport.SSLCACertificateFile
- /var/opt/keys/trust/npi-mockrelam-tls-trust/truststore.pem
-
-
-
- Transport.SSLCheckPeerHostname
- false
-
-
-
- Transport.SSLClientCertificateFile
- /var/opt/keys/own/npi-mockrelam-identity/cert.pem
-
-
-
- Transport.SSLClientKeyFile
- /var/opt/keys/own/npi-mockrelam-identity/key.pem
-
-
Connector_cossa_realm
@@ -548,10 +334,10 @@
true
-
+
Hosting_Default
-
+
ch::nevis::isiweb4::servlet::defaults::DefaultServlet
@@ -617,11 +403,6 @@
/nevislogrend
-
-
- Hosting_Default
- /asdf/*
-
NevisLogrendConnector_nli
@@ -632,11 +413,6 @@
Connector_cossa_realm_TokenIntrospection
/oauth/introspect2/*
-
-
- Hosting_Default
- /qwert/*
-
Hosting_Default
diff --git a/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/host-klp.agov-w.azure.adnovum.net/WEB-INF/web.xml b/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/host-klp.agov-w.azure.adnovum.net/WEB-INF/web.xml
index 55f3109..d2286f4 100644
--- a/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/host-klp.agov-w.azure.adnovum.net/WEB-INF/web.xml
+++ b/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/npi/var/opt/nevisproxy/default/host-klp.agov-w.azure.adnovum.net/WEB-INF/web.xml
@@ -6,6 +6,66 @@
SectokenVerifierCert
/var/opt/keys/trust/npi-mockrelam-signer-trust/truststore.pem
+
+
+ AuthenticationService_MockRelam
+ ch::nevis::isiweb4::filter::auth::IdentityCreationFilter
+
+
+ AuthenticationServlet
+ Connector_MockRelam
+
+
+
+ BodyReadSize
+ 32768
+
+
+
+ EntryPointID
+ klp.agov-w.azure.adnovum.net
+
+
+
+ InactiveInterval
+ 7200
+
+
+
+ InterceptionRedirect
+ never
+
+
+
+ LoginRendererServlet
+ LoginRenderer_nli
+
+
+
+ Realm
+ MockRelam
+
+
+
+ RecheckAuthentication
+ On
+
+
+
+ RenewIdentification
+ true
+
+
+
+ StateKey
+ MockRelam
+
+
+
+ StoreInterceptedRequest
+ false
+
+
Authentication_MockRelam
@@ -79,6 +139,33 @@
+
+
+ OAuth_Preflighted_CORS_New OAuth 2.0 Authorization Server / OpenID Provider
+ ch::nevis::isiweb4::filter::lua::LuaFilter
+
+
+ Script
+
+ function inputHeader(request, response)
+ response:setHeader("Access-Control-Allow-Origin", "*")
+ response:setHeader("Access-Control-Allow-Credentials", "true")
+ response:setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, OPTIONS")
+ response:setHeader("Access-Control-Allow-Headers", "Authorization")
+ response:setHeader("Access-Control-Expose-Headers", "*")
+ response:setHeader("Access-Control-Max-Age", "600")
+ if request:getMethod() == "OPTIONS" then
+ response:send(204)
+ end
+ end
+
+
+
+
+ Script.InputHeaderFunctionName
+ inputHeader
+
+
ResponseHeader_Default
@@ -152,13 +239,43 @@
SessionHandler_MockRelam
/*
- ^/errorpages.*$|^/favicon.ico$|^/hallo.txt$|^/index.html$|^/nevislogrend/.*$|^/resources.*$
+ ^/asdf/.*$|^/errorpages.*$|^/favicon.ico$|^/hallo.txt$|^/index.html$|^/nevislogrend/.*$|^/qwert/.*$|^/resources.*$
+
+
+
+ SessionHandler_MockRelam
+ /asdf/*
+
+
+
+ SessionHandler_MockRelam
+ /qwert/*
+
+
+
+ OAuth_Preflighted_CORS_New OAuth 2.0 Authorization Server / OpenID Provider
+ /asdf/*
+
+
+
+ OAuth_Preflighted_CORS_New OAuth 2.0 Authorization Server / OpenID Provider
+ /qwert/*
Authentication_MockRelam
/*
- ^/errorpages.*$|^/favicon.ico$|^/hallo.txt$|^/index.html$|^/nevislogrend/.*$|^/resources.*$
+ ^/asdf/.*$|^/errorpages.*$|^/favicon.ico$|^/hallo.txt$|^/index.html$|^/nevislogrend/.*$|^/qwert/.*$|^/resources.*$
+
+
+
+ AuthenticationService_MockRelam
+ /asdf/*
+
+
+
+ AuthenticationService_MockRelam
+ /qwert/*
@@ -215,6 +332,12 @@
/var/opt/keys/own/npi-mockrelam-identity/key.pem
+
+
+ Hosting_Default
+
+ ch::nevis::isiweb4::servlet::defaults::DefaultServlet
+
Hosting_New_Hosting_Service
@@ -294,20 +417,26 @@
/nevislogrend
-
- Hosting_Default
- ch::nevis::isiweb4::servlet::defaults::DefaultServlet
-
Hosting_New_Hosting_Service
/*
+
+
+ Hosting_Default
+ /asdf/*
+
NevisLogrendConnector_nli
/nevislogrend/*
+
+
+ Hosting_Default
+ /qwert/*
+
Hosting_Default
/index.html