DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/etc/nevis/k8s-nai-6ec6739e824c8e56d9633622.yaml

@@ -1,60 +0,0 @@
-apiVersion: "operator.nevis-security.ch/v1"
-kind: "NevisComponent"
-metadata:
-  name: "nai"
-  namespace: "adn-postit-tknxchng-01-dev"
-  labels:
-    deploymentTarget: "nai"
-  annotations:
-    projectKey: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT"
-    patternId: "6ec6739e824c8e56d9633622"
-spec:
-  type: "NevisAuth"
-  replicas: 1
-  version: "8.2405.2"
-  gitInitVersion: "1.3.0"
-  runAsNonRoot: true
-  ports:
-    management: 9000
-    soap: 8991
-  resources:
-    limits:
-      cpu: "2"
-      memory: "2000Mi"
-    requests:
-      cpu: "20m"
-      memory: "1000Mi"
-  livenessProbe:
-    soap:
-      tcpSocket: true
-      periodSeconds: 5
-      timeoutSeconds: 4
-  readinessProbe:
-    management:
-      httpGet:
-        path: "/nevisauth/liveness"
-      periodSeconds: 5
-      timeoutSeconds: 6
-  startupProbe:
-    management:
-      httpGet:
-        path: "/nevisauth/liveness"
-      periodSeconds: 5
-      timeoutSeconds: 6
-      failureThreshold: 50
-  podDisruptionBudget:
-    maxUnavailable: "50%"
-  git:
-    tag: "r-46b3c950256851308e60d2bd8d5de9ae4cc6f50e"
-    dir: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai"
-    credentials: "git-credentials"
-  keystores:
-  - "nai-default-identity"
-  - "nai-sh4r3d-default-default-signer"
-  truststores:
-  - "nai-default-tls-client-trust"
-  - "nai-default-default-signer-trust"
-  podSecurity:
-    policy: "baseline"
-    automountServiceAccountToken: false
-  timeZone: "Europe/Zurich"

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/etc/nevis/k8s-nai-default-default-signer-trust-6ec6739e824c8e56d9633622.yaml

@@ -1,14 +0,0 @@
-apiVersion: "operator.nevis-security.ch/v1"
-kind: "NevisTrustStore"
-metadata:
-  name: "nai-default-default-signer-trust"
-  namespace: "adn-postit-tknxchng-01-dev"
-  labels:
-    deploymentTarget: "nai"
-  annotations:
-    projectKey: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT"
-    patternId: "6ec6739e824c8e56d9633622"
-spec:
-  keystores:
-  - name: "nai-sh4r3d-default-default-signer"
-    namespace: "adn-postit-tknxchng-01-dev"

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/etc/nevis/k8s-nai-default-identity-6ec6739e824c8e56d9633622.yaml

@@ -1,18 +0,0 @@
-apiVersion: "operator.nevis-security.ch/v1"
-kind: "NevisKeyStore"
-metadata:
-  name: "nai-default-identity"
-  namespace: "adn-postit-tknxchng-01-dev"
-  labels:
-    deploymentTarget: "nai"
-  annotations:
-    projectKey: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT"
-    patternId: "6ec6739e824c8e56d9633622"
-spec:
-  cn: "nai"
-  usage: "<reserved for future use>"
-  san:
-    dns:
-    - "nai"
-    - "nai.adn-postit-tknxchng-01-dev"
-    email: []

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/etc/nevis/k8s-nai-default-tls-client-trust-6ec6739e824c8e56d9633622.yaml

@@ -1,14 +0,0 @@
-apiVersion: "operator.nevis-security.ch/v1"
-kind: "NevisTrustStore"
-metadata:
-  name: "nai-default-tls-client-trust"
-  namespace: "adn-postit-tknxchng-01-dev"
-  labels:
-    deploymentTarget: "nai"
-  annotations:
-    projectKey: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT"
-    patternId: "6ec6739e824c8e56d9633622"
-spec:
-  keystores:
-  - name: "npi-cossa-realm-identity"
-    namespace: "adn-postit-tknxchng-01-dev"

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/etc/nevis/k8s-nai-sh4r3d-default-default-signer-6ec6739e824c8e56d9633622.yaml

@@ -1,16 +0,0 @@
-apiVersion: "operator.nevis-security.ch/v1"
-kind: "NevisKeyStore"
-metadata:
-  name: "nai-sh4r3d-default-default-signer"
-  namespace: "adn-postit-tknxchng-01-dev"
-  labels:
-    deploymentTarget: "nai"
-  annotations:
-    projectKey: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT"
-    patternId: "6ec6739e824c8e56d9633622"
-spec:
-  cn: "signer"
-  usage: "signer"
-  san:
-    dns: []
-    email: []

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/etc/nevis/nevisauth_default.yml

@@ -1,18 +0,0 @@
-schemaVersion: 1.0
-instance:
-  type: "nevisauth"
-  name: "default"
-  directory: "/var/opt/nevisauth/default"
-  pid: "systemctl show nevisauth@default -p MainPID | cut -d '=' -f2"
-  source:
-    url: "/nevisadmin/#/projects/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/patterns/6ec6739e824c8e56d9633622"
-    projectKey: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT"
-    patternId: "6ec6739e824c8e56d9633622"
-    patternClass: "ch.nevis.admin.v4.plugin.nevisauth.patterns.NevisAuthDeployable"
-  resources:
-    ports:
-    - "0.0.0.0:8991"
-  control:
-    start: "systemctl restart nevisauth@default &"
-    stop: "systemctl stop nevisauth@default"
-    status: "systemctl status nevisauth@default"

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/keys/own/tokensigner/cert.pem

@@ -1,19 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDAzCCAesCFFJeJMyjfQq6To7dqRpfc5oDX//oMA0GCSqGSIb3DQEBCwUAMD4x
-CzAJBgNVBAYTAkNIMQ0wCwYDVQQHDARCZXJuMRAwDgYDVQQKDAdBZG5vdnVtMQ4w
-DAYDVQQDDAVjb3NzYTAeFw0yNDExMDcxMzA3NTJaFw0yNTExMDcxMzA3NTJaMD4x
-CzAJBgNVBAYTAkNIMQ0wCwYDVQQHDARCZXJuMRAwDgYDVQQKDAdBZG5vdnVtMQ4w
-DAYDVQQDDAVjb3NzYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOWq
-kbFj7UAPDlzgqua7/ws43sIswHuhA400R3jKkHcvTC/QduDuDWoTeYkiQdv8lo7k
-PVQA7tP//Pe+2O2wS0spNMrlw0Jv0MWeGlN1Jv5PH9TuOnL1nrd6w2OCKClnR7t3
-xWZUEd3t4AtM/69VKNwSvVADt5yU6tifj1vCiE4uPoDkI8TNbT92aL2aDnq+VVRL
-Eki5SpQ6ZGUlZGFGhMMOoA9efnTGqrJBsP3m50SAEUqTUpo1aH6IaJXorf8+zzEE
-zWD4A13b0kvz75A9qh1rReYZgr1sQIfWwzoP76HQwpdEQsjnAteJi1SV7rSK/ekQ
-+iuJ9ql2Mjpve8vsWrsCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAE4GJgtYJRI3r
-hAWb4ptd6ngPfvW6pNb8Q9do/k0yVmAzckibRVSgmCoTeFnArn56NB2nrZlpnncG
-IYB5uVI7jiEHCTZRXG7JbI/MHiwkq5P+Mf+OlvJWgiWkKFteJS46GBVo6JFVAIbv
-H/UEflHbeTbaSYsoH0Xv54S9IvIuv/IA7KooFRmuzRb10hBBV0EUdrGfdBHmSpQf
-CiSMPOTqu3nzcms4O4DLHnW2kVRyrd/G0Lkg/FUGsN4ZHyYGSC36gUOFqubGy9GV
-HJqM6758pE0Myk7LMFGd8MrlnYTeWgBnRlAmfzMVMWZaAaRGGZ5SwQrZmenVB1ne
-Ix41vfiHmA==
------END CERTIFICATE-----

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/keys/own/tokensigner/key.pem

@@ -1,30 +0,0 @@
------BEGIN ENCRYPTED PRIVATE KEY-----
-MIIFKzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQU1w+0ZNamq3X91Bur
-d/pQZH7Yq+wCAggAMB0GCWCGSAFlAwQBKgQQ+NvXoFb05UDnOc75yNr/DQSCBNBD
-m3o2GoHnMupzBuc4G7KdllLa2iaP0zkbK5SrJ2QlBWzei3K9PfyWsCSiGDoEL1fG
-X8sjFmWDXiKg8z2KjZ8SAIVliMusz318hIjSkv7MOtcEKZ7uZ3C9e/AHl2CY55O7
-OroDbvQfiexVyKS49vd8lex9DFZQ6nrhK7sQoygDeo469NoCJKu4s1Q657L8aeoQ
-RSYBgtO3tThXIHqrW7FhuYGy8GSi8nI5axGTE7tfo3NqQo4Ap44a9W+vP8NsWUm+
-WAyoErFTWxiuzXDU8LV2ziN4IZLsMZ0dgJjElIY6lAopr9YtjmKV+3IofYcy9BDa
-q1WDfwqBBdoKdbMGLvXs8MBTPWbTinbiLGjNfRehtTdQ6zoVBYdxbPQBbw39vH2q
-k2eLYsWuJmWQHfd3vCEc1B5kAgdAIiPSKvY5wRqb2cg1V/MjQRVZy7wHUBcYVx14
-aXPqOgvkSLXYN3nt+X3PsubU5l/aOM9KCI2gT8j4AtvBjgVWzKglyVe5l0T8FGQ4
-KMykvMwFQ2x6g63GyF+xfIM9XMVo8EJ7XNafz18CJ2s7HZ7Zv6twM2D2+xTaa9iq
-CTcShTPVOLmnLfz6/3I7KKFMKOtm05rZTW7P3dOwcO8symm8qsfz5Kb4FC0H1Kmj
-MAPO3vAhCIkHOsvrQiFP5RiIk2C+Ea1ygmSl5L3VC2eVA7Hy5FCDiZg7qJAWZqCH
-ik/cttmzTKy44x2BvrPIKy5l37uGHFcRG/AgIY8hXo+1LUjeKpjjE9hs6MXSqyZh
-zTkWFOXUkWFeBHrZqR45WO+ByVx7qD55pQmo2YMQ1q7fzM3VCzpO1OD1HAdhGWRu
-3cin9Asj3+0X4SUknf/ZrVPGOdyj5Lj09ymL05hwYsiuAtWX3hH4I4ZYB6miJ3+F
-rOnIPed/exXuCsq/H0+WWLilwDxO7VOamO3ggDKm0LebwTx+N8HQaKVXl7HYh5F8
-Jmpp/bQrFswa42874GaZMJimyQx66SDsPTULjlk+0Ydc2gbWqvIbzBzerxlIm9nR
-vWsx+V4+3Zvoom5Vwuo3P7Su3DAY142pn6cmqn77TSaMapWLK23tk24D7wUt6ROY
-xRPfVuSgQ+u3xxDKmKLfFvdFbVx2YNmd174fQJFvr5cpwpMg/uqvnXdw6YwJugmd
-hGtsodhd3aoX/BjTxkur2Aw4GFpXQYCdeioVFaOIPZDsmOokNcdVw45qC8xRn2Bx
-VcZ24opYyGtnfl5DxOd2tl1dsKKxoVR4nWphHED//08ZfcUWaudeyIMfNJm790s7
-8+0smUkQpd2f1Xc3YNBKwLN+U6hUme9DvSBoF6bQn/LEBGOSrE546W/Refytg907
-SdHN1Qv5uDpFH7iIr44o/uIbwg0S1l/uLGNUR2o+ORt5SXh4fY6spjgCZc+UleUU
-hjiGE8Nqh5fSvpnud7p2KPSUhuKcybQbKmn/mTBbP2GNaL2nHHXGRHO7MXGhZpHB
-njmd8DyE+SOBtQTB+aLYlPGkRTNbFkJdyzc9gMCUJCEQs9CNrj/VGy4ZM41Khi3z
-ZG2hJNjINqaZ5mzDJCdAHuNiwsvdhNqYJVVgPXl3ZkjcBbarZuAzxSih7FlEGDRs
-43vyCSLp33X5o2gLVf9FsFRZgQxwZnJvaWl86OUWeA==
------END ENCRYPTED PRIVATE KEY-----

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/keys/own/tokensigner/keypass

@@ -1,2 +0,0 @@
-#!/bin/bash
-echo '09I1B4lsP4+KQB8dB3AeEyU4RawLttIo55+0EWPPh0I='

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/keys/own/tokensigner/keystore.pem

@@ -1,50 +0,0 @@
------BEGIN ENCRYPTED PRIVATE KEY-----
-MIIFKzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQU1w+0ZNamq3X91Bur
-d/pQZH7Yq+wCAggAMB0GCWCGSAFlAwQBKgQQ+NvXoFb05UDnOc75yNr/DQSCBNBD
-m3o2GoHnMupzBuc4G7KdllLa2iaP0zkbK5SrJ2QlBWzei3K9PfyWsCSiGDoEL1fG
-X8sjFmWDXiKg8z2KjZ8SAIVliMusz318hIjSkv7MOtcEKZ7uZ3C9e/AHl2CY55O7
-OroDbvQfiexVyKS49vd8lex9DFZQ6nrhK7sQoygDeo469NoCJKu4s1Q657L8aeoQ
-RSYBgtO3tThXIHqrW7FhuYGy8GSi8nI5axGTE7tfo3NqQo4Ap44a9W+vP8NsWUm+
-WAyoErFTWxiuzXDU8LV2ziN4IZLsMZ0dgJjElIY6lAopr9YtjmKV+3IofYcy9BDa
-q1WDfwqBBdoKdbMGLvXs8MBTPWbTinbiLGjNfRehtTdQ6zoVBYdxbPQBbw39vH2q
-k2eLYsWuJmWQHfd3vCEc1B5kAgdAIiPSKvY5wRqb2cg1V/MjQRVZy7wHUBcYVx14
-aXPqOgvkSLXYN3nt+X3PsubU5l/aOM9KCI2gT8j4AtvBjgVWzKglyVe5l0T8FGQ4
-KMykvMwFQ2x6g63GyF+xfIM9XMVo8EJ7XNafz18CJ2s7HZ7Zv6twM2D2+xTaa9iq
-CTcShTPVOLmnLfz6/3I7KKFMKOtm05rZTW7P3dOwcO8symm8qsfz5Kb4FC0H1Kmj
-MAPO3vAhCIkHOsvrQiFP5RiIk2C+Ea1ygmSl5L3VC2eVA7Hy5FCDiZg7qJAWZqCH
-ik/cttmzTKy44x2BvrPIKy5l37uGHFcRG/AgIY8hXo+1LUjeKpjjE9hs6MXSqyZh
-zTkWFOXUkWFeBHrZqR45WO+ByVx7qD55pQmo2YMQ1q7fzM3VCzpO1OD1HAdhGWRu
-3cin9Asj3+0X4SUknf/ZrVPGOdyj5Lj09ymL05hwYsiuAtWX3hH4I4ZYB6miJ3+F
-rOnIPed/exXuCsq/H0+WWLilwDxO7VOamO3ggDKm0LebwTx+N8HQaKVXl7HYh5F8
-Jmpp/bQrFswa42874GaZMJimyQx66SDsPTULjlk+0Ydc2gbWqvIbzBzerxlIm9nR
-vWsx+V4+3Zvoom5Vwuo3P7Su3DAY142pn6cmqn77TSaMapWLK23tk24D7wUt6ROY
-xRPfVuSgQ+u3xxDKmKLfFvdFbVx2YNmd174fQJFvr5cpwpMg/uqvnXdw6YwJugmd
-hGtsodhd3aoX/BjTxkur2Aw4GFpXQYCdeioVFaOIPZDsmOokNcdVw45qC8xRn2Bx
-VcZ24opYyGtnfl5DxOd2tl1dsKKxoVR4nWphHED//08ZfcUWaudeyIMfNJm790s7
-8+0smUkQpd2f1Xc3YNBKwLN+U6hUme9DvSBoF6bQn/LEBGOSrE546W/Refytg907
-SdHN1Qv5uDpFH7iIr44o/uIbwg0S1l/uLGNUR2o+ORt5SXh4fY6spjgCZc+UleUU
-hjiGE8Nqh5fSvpnud7p2KPSUhuKcybQbKmn/mTBbP2GNaL2nHHXGRHO7MXGhZpHB
-njmd8DyE+SOBtQTB+aLYlPGkRTNbFkJdyzc9gMCUJCEQs9CNrj/VGy4ZM41Khi3z
-ZG2hJNjINqaZ5mzDJCdAHuNiwsvdhNqYJVVgPXl3ZkjcBbarZuAzxSih7FlEGDRs
-43vyCSLp33X5o2gLVf9FsFRZgQxwZnJvaWl86OUWeA==
------END ENCRYPTED PRIVATE KEY-----
-
------BEGIN CERTIFICATE-----
-MIIDAzCCAesCFFJeJMyjfQq6To7dqRpfc5oDX//oMA0GCSqGSIb3DQEBCwUAMD4x
-CzAJBgNVBAYTAkNIMQ0wCwYDVQQHDARCZXJuMRAwDgYDVQQKDAdBZG5vdnVtMQ4w
-DAYDVQQDDAVjb3NzYTAeFw0yNDExMDcxMzA3NTJaFw0yNTExMDcxMzA3NTJaMD4x
-CzAJBgNVBAYTAkNIMQ0wCwYDVQQHDARCZXJuMRAwDgYDVQQKDAdBZG5vdnVtMQ4w
-DAYDVQQDDAVjb3NzYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOWq
-kbFj7UAPDlzgqua7/ws43sIswHuhA400R3jKkHcvTC/QduDuDWoTeYkiQdv8lo7k
-PVQA7tP//Pe+2O2wS0spNMrlw0Jv0MWeGlN1Jv5PH9TuOnL1nrd6w2OCKClnR7t3
-xWZUEd3t4AtM/69VKNwSvVADt5yU6tifj1vCiE4uPoDkI8TNbT92aL2aDnq+VVRL
-Eki5SpQ6ZGUlZGFGhMMOoA9efnTGqrJBsP3m50SAEUqTUpo1aH6IaJXorf8+zzEE
-zWD4A13b0kvz75A9qh1rReYZgr1sQIfWwzoP76HQwpdEQsjnAteJi1SV7rSK/ekQ
-+iuJ9ql2Mjpve8vsWrsCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAE4GJgtYJRI3r
-hAWb4ptd6ngPfvW6pNb8Q9do/k0yVmAzckibRVSgmCoTeFnArn56NB2nrZlpnncG
-IYB5uVI7jiEHCTZRXG7JbI/MHiwkq5P+Mf+OlvJWgiWkKFteJS46GBVo6JFVAIbv
-H/UEflHbeTbaSYsoH0Xv54S9IvIuv/IA7KooFRmuzRb10hBBV0EUdrGfdBHmSpQf
-CiSMPOTqu3nzcms4O4DLHnW2kVRyrd/G0Lkg/FUGsN4ZHyYGSC36gUOFqubGy9GV
-HJqM6758pE0Myk7LMFGd8MrlnYTeWgBnRlAmfzMVMWZaAaRGGZ5SwQrZmenVB1ne
-Ix41vfiHmA==
------END CERTIFICATE-----

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/keys/trust/tls-swissid/keypass

@@ -1,2 +0,0 @@
-#!/bin/bash
-echo 'password'

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/keys/trust/tls-swissid/truststore.pem

@@ -1,38 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIGkzCCBHugAwIBAgIULa4PojoMOF/785XA2QNkLRQYTS4wDQYJKoZIhvcNAQEL
-BQAwUTELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzErMCkGA1UE
-AxMiU3dpc3NTaWduIFJTQSBUTFMgUm9vdCBDQSAyMDIyIC0gMTAeFw0yMjA2Mjkw
-OTMwNDdaFw0zNjA2MjkwOTMwNDdaMFAxCzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxT
-d2lzc1NpZ24gQUcxKjAoBgNVBAMTIVN3aXNzU2lnbiBSU0EgVExTIEVWIElDQSAy
-MDIyIC0gMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL61hlRf7Jxo
-0msjavo1pgChwWBDYix5Zd0CnhciVYUCk30Ko6BxFBICoSsZ1gXGqlT20g/AYqYL
-xuKcdNNAJ/LHT6k2zL3UhSpx+eHjeTGQ7id2jC1HKRZ9zA8YXdhtY3oJom7B3ykE
-d/j0KVmHy9tP1A0rt3ntbJLfLIS6uWogx2KfFs8MwtoAZLiGvp49SHly6p450fcz
-payPIWu12PfVQjLg7b9NitlDlYEWiCAL7R3jINw2yMwcdBvq2gy+ZZsiYkSb1m+h
-ABOGxU6SCN6w7GgRWWveSaJBvRokUvIon/wsZK51j8RM4TsoR60Wei8ftSBL75BI
-g9Us8dkBXDa8vqoDVpc9zs6pan5XN8KymNT52j4gEe161eYTtbiME4KdSWtVsA7e
-rdkHsXKJTRIxxdpUkQXxhLXEoyDed/BVgV1yhTeN6YCFX7AiocAi5rPUplc6LV58
-CCUWFMSWEJxOYQUrwWFLNzQMnE969hnvdhuO8ZeqtpwFwX/OLryWoil+jGobRm/1
-OQS9+urcVygrzZ9Dy9Q/OF/oq9NeaijvL2Ncjkj5f6uJzgXkm7PwjnHrL2FWBkhp
-oM/vyT1VAgWNoku3jIyedtyJ9lUECwPIzQuddQYOL8FwhaFmvtHnOLpiy2ctbwir
-gJW+KcsNkpHg0N5stJcPzPvlssmNBHbNAgMBAAGjggFiMIIBXjBcBggrBgEFBQcB
-AQRQME4wTAYIKwYBBQUHMAKGQGh0dHA6Ly9haWEuc3dpc3NzaWduLmNoL2Fpci1h
-ZWZmMzc0ZC0wZjdhLTRjNTUtYTAzNC0xNDQwMjkwY2ZhMzIwEgYDVR0TAQH/BAgw
-BgEB/wIBADAoBgNVHSAEITAfMAcGBWeBDAEBMAgGBgQAj3oBBDAKBghghXQBWQIB
-AzBRBgNVHR8ESjBIMEagRKBChkBodHRwOi8vY3JsLnN3aXNzc2lnbi5jaC9jZHAt
-OTY2MWMyOWYtOTEyMS00ZjQ2LWFjZDgtZWFkNGEyMmY3MTYwMB0GA1UdJQQWMBQG
-CCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFElS
-3zCGkllfNJwlSCSrwOvRBvLWMB8GA1UdIwQYMBaAFG+OYouTQ7DhQPanw/3xD7gP
-FTilMA0GCSqGSIb3DQEBCwUAA4ICAQBugn943V4fbEbG+Leb4YXTWLLfPIC+mrdc
-H6v1+Iws+XCzoKthaDk0c346mSaXZM9to5xDOWgfEnBYbVioMyI/5EABbg4ARkgp
-dj50FPe9MtLD4kOZFv/8LoRH+WdAfQUsxS1RQincUnYWAxmRNOHLdnbyiQt3sYDl
-6tZzURSMnMUec4stxfLT4VQE1Ew6Phr06CouYOd5ON+mWkFhROz3jx5PTXcECrqQ
-IT27wJ4mzKA6W9p69ZDFi/+FcpN9vCjzksi0w8i62DwtbO8Pj3ZEOL8z6+cwXyT7
-X7Zt96vufj+bsxFo1IXQ6cb2i13qpThSHL4NA1NhUbB/ipMbxNtBJ4fwtcG8SAUs
-jRXgG/RYrXRorG90KU/dcezixY4yKnlIdkkhpV7h8jY2+XS7GbjaKee8pPeAFXgs
-Hzdi+EhZvHOVfshaKL2CAELrYn8Tzo2Zt9zsbif8L7bPJROS3xqzn+GbCFt67/8Y
-jTh84Taa4D49H6V+p01QPkvG7ub7Rw52fm56zY3mabbhbsREOceswsfunxSN/SOE
-pLKVMopuVnRcwVIWmnzH9BlBhIzLqOS4kCYA5E5Irw217j/JTGVWEdMN0ar09nGh
-WA2Eq8aDANjAP1bao/4nmxsFU2zKbTR40Tb7/HKB5jaItYdkz6ppnxQDLTWe7T6+
-nGZwqmYtbQ==
------END CERTIFICATE-----

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/LitDict.properties

@@ -1,80 +0,0 @@
-
-accept.button.label=Accept
-cancel.button.label=Cancel
-continue.button.label=Continue
-deputy.profile.label=(Deputy Profile)
-error.saml.failed=Please close your browser and try again.
-error_1=Please check your input.
-error_10=Please select the correct user account.
-error_100=Certificate upload not possible. Certificate already exists. Please contact your helpdesk.
-error_101=The entered email address is not valid.
-error_11=Please use another certficate or login with another credential type.
-error_2=Please select another login name.
-error_3=Your account will be locked if next authentication fails.
-error_4=Your new password does not comply with the security policy. Please choose a different password.
-error_5=Error in password confirmation.
-error_50=The new password is too short.
-error_55=The new password has to differ from old passwords.
-error_6=Password change required.
-error_7=Change of login ID required.
-error_8=Your account has been locked due to repeated authentication failures.
-error_81=No access card found, access from internet denied.
-error_83=Your access card is no longer valid. Please contact your advisor to get a new access card.
-error_9=Session take over failed.
-error_97=You are not authorized to access this resource.
-error_98=Your account has been locked.
-error_99=System problems. Please try later.
-info.logout.confirmation=Please confirm that you want to log out.
-info.logout.reminder=Your session on this application has expired. Try again with a login.
-info.oauth.consent=Do you want to authorise this application to access your data?
-info.timeout.page=Your session on this application has expired. Try again with a login.
-login.button.label=Login
-logout.label=Logout
-logout.text=You have successfully logged out.
-method.certificate.label=Certificate
-method.fido.label=Mobile Authentication
-method.fido2.label=FIDO 2
-method.mtan.label=mTAN Code
-method.oath.label=OATH Authenticator App
-method.otp.label=OTP (One-Time Password)
-method.recovery.label=Recovery Codes
-method.safeword.label=SafeWord
-method.securid.label=SecurID
-method.ticket.label=Ticket
-outarg.lastLogin.never=Never
-policyFailure.dictionary=▪ must not be taken from a dictionary.
-policyFailure.history.History=▪ must be different from previously selected passwords.
-policyFailure.regex.control=▪ cannot contain more than {0} control characters.
-policyFailure.regex.lower=▪ must contain at least {0} lower case characters.
-policyFailure.regex.maxCharacterRepetitions=▪ characters must not occur more than {0} time(s) consecutively.
-policyFailure.regex.maxLength=▪ must be at most {0} characters long.
-policyFailure.regex.minLength=▪ must be at least {0} characters long.
-policyFailure.regex.nonAlnum=▪ must contain at least {0} non-alphanumeric characters.
-policyFailure.regex.nonAscii=▪ cannot contain more than {0} non-ASCII characters.
-policyFailure.regex.nonGraph=▪ cannot contain more than {0} non-printable characters.
-policyFailure.regex.nonLetter=▪ must contain at least {0} non-letter characters.
-policyFailure.regex.numeric=▪ must contain at least {0} numeric characters.
-policyFailure.regex.upper=▪ must contain at least {0} upper case characters.
-policyInfo.dictionary=▪ must not be taken from a dictionary.
-policyInfo.history.History=▪ must be different from previously selected passwords.
-policyInfo.regex.control=▪ cannot contain more than {0} control characters.
-policyInfo.regex.lower=▪ must contain at least {0} lower case characters.
-policyInfo.regex.maxCharacterRepetitions=▪ characters must not occur more than {0} time(s) consecutively.
-policyInfo.regex.maxLength=▪ must be at most {0} characters long.
-policyInfo.regex.minLength=▪ must be at least {0} characters long.
-policyInfo.regex.nonAlnum=▪ must contain at least {0} non-alphanumeric characters.
-policyInfo.regex.nonAscii=▪ cannot contain more than {0} non-ASCII characters.
-policyInfo.regex.nonGraph=▪ cannot contain more than {0} non-printable characters.
-policyInfo.regex.nonLetter=▪ must contain at least {0} non-letter characters.
-policyInfo.regex.numeric=▪ must contain at least {0} numeric characters.
-policyInfo.regex.upper=▪ must contain at least {0} upper case characters.
-policyInfo.title=The password has to comply with the following password policy:
-reject.button.label=Deny
-submit.button.label=Submit
-tan.sent=Please enter the security code which has been sent to your mobile phone.
-title.logout=Logout
-title.logout.confirmation=Logout
-title.logout.reminder=Logout
-title.oauth.consent=Client Authorization
-title.saml.failed=Error
-title.timeout.page=Logout

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/LitDict_de.properties

@@ -1,80 +0,0 @@
-
-accept.button.label=Akzeptieren
-cancel.button.label=Abbrechen
-continue.button.label=Weiter
-deputy.profile.label=(Profil Stellvertreter)
-error.saml.failed=Bitte schliessen Sie Ihren Browser und versuchen Sie es erneut.
-error_1=Bitte überprüfen Sie Ihre Eingabe.
-error_10=Bitte wählen Sie den gewünschten Benutzer.
-error_100=Zertifikat-Upload nicht möglich. Zertifikat bereits vorhanden. Bitte kontaktieren Sie Ihren Helpdesk.
-error_101=Die angegebene E-Mail Adresse ist ungültig.
-error_11=Bitte verwenden Sie ein anderes Zertifikat oder ein alternatives Authentisierungsmittel.
-error_2=Bitte wählen Sie einen anderen Login-Namen. 
-error_3=Falls Ihr nächster Login fehlschlägt, wird Ihr Konto gesperrt.
-error_4=Ihr neues Passwort wurde nicht akzeptiert. Bitte wählen Sie eines, das den Passwortvorgaben entspricht.
-error_5=Die Eingabe zur Bestätigung des Passwortes ist falsch.
-error_50=Das neue Passwort ist zu kurz.
-error_55=Das neue Passwort muss sich von alten Passwörtern unterscheiden.
-error_6=Passwortwechsel erforderlich.
-error_7=Wechsel der Login-ID erforderlich.
-error_8=Ihr Konto wurde infolge wiederholt fehlgeschlagener Authentisierung gesperrt.
-error_81=Keine Rasterkarte gefunden, Zugang vom Internet verweigert.
-error_83=Ihre Rasterkarte ist aufgebraucht. Bitte kontaktieren Sie Ihren Berater, um eine neue zu erhalten.
-error_9=Die SSO-Session konnte nicht übernommen werden.
-error_97=Sie verfügen nicht über die für den Zugriff auf diese Ressource benötigte Berechtigung.
-error_98=Ihr Konto ist gesperrt.
-error_99=Systemfehler. Bitte versuchen Sie es später.
-info.logout.confirmation=Bitte bestätigen Sie, dass Sie sich abmelden möchten.
-info.logout.reminder=Ihre Session ist auf dieser Applikation abgelaufen. Versuchen Sie es nochmals mit einem Login.
-info.oauth.consent=Wollen Sie der Anwendung den Zugriff erlauben?
-info.timeout.page=Ihre Session ist auf dieser Applikation abgelaufen. Versuchen Sie es nochmals mit einem Login.
-login.button.label=Login
-logout.label=Logout
-logout.text=Sie haben sich erfolgreich abgemeldet.
-method.certificate.label=Zertifikat
-method.fido.label=Mobile Authentication
-method.fido2.label=FIDO 2
-method.mtan.label=mTAN-Code
-method.oath.label=OATH Authenticator-App
-method.otp.label=OTP (One-Time Passwort)
-method.recovery.label=Wiederherstellungscodes
-method.safeword.label=SafeWord
-method.securid.label=SecurID
-method.ticket.label=Ticket
-outarg.lastLogin.never=Nie
-policyFailure.dictionary=▪ darf nicht aus einem Wörterbuch stammen.
-policyFailure.history.History=▪ muss sich von vorhergehenden Passwörtern unterscheiden.
-policyFailure.regex.control=▪ darf höchstens {0} Kontrollzeichen enthalten.
-policyFailure.regex.lower=▪ muss {0} Kleinbuchstaben enthalten.
-policyFailure.regex.maxCharacterRepetitions=▪ darf nicht eine Sequenz länger als {0} des gleichen Zeichens enthalten.
-policyFailure.regex.maxLength=Länge des Passwortes darf höchstens {0} sein.
-policyFailure.regex.minLength=Länge des Passwortes muss mindestens {0} sein.
-policyFailure.regex.nonAlnum=▪ muss {0} nicht-alphanumerische Zeichen enthalten.
-policyFailure.regex.nonAscii=▪ darf höchstens {0} Zeichen ausserhalb des ASCII-Zeichensatzes enthalten.
-policyFailure.regex.nonGraph=▪ darf höchstens {0} nicht-druckende Zeichen enthalten.
-policyFailure.regex.nonLetter=▪ muss {0} Zeichen enthalten, die keine Buchstaben sind.
-policyFailure.regex.numeric=▪ muss {0} numerische Zeichen enthalten.
-policyFailure.regex.upper=▪ muss {0} Grossbuchstaben enthalten.
-policyInfo.dictionary=▪ darf nicht aus einem Wörterbuch stammen.
-policyInfo.history.History=▪ darf keines der zuletzt verwendeten Passwörtern sein.
-policyInfo.regex.control=▪ darf höchstens {0} Kontrollzeichen enthalten.
-policyInfo.regex.lower=▪ muss mindestens {0} Kleinbuchstaben enthalten.
-policyInfo.regex.maxCharacterRepetitions=▪ darf nicht eine Sequenz länger als {0} des gleichen Zeichens enthalten.
-policyInfo.regex.maxLength=▪ darf höchstens {0} Zeichen enthalten.
-policyInfo.regex.minLength=▪ muss mindestens {0} Zeichen enthalten.
-policyInfo.regex.nonAlnum=▪ muss mindestens {0} Zeichen enthalten, die nicht Alphanumerisch sind.
-policyInfo.regex.nonAscii=▪ darf höchstens {0} Zeichen ausserhalb des ASCII-Zeichensatzes enthalten.
-policyInfo.regex.nonGraph=▪ darf höchstens {0} nicht-druckende Zeichen enthalten.
-policyInfo.regex.nonLetter=▪ muss mindestens {0} Zeichen enthalten, die keine Buchstaben sind.
-policyInfo.regex.numeric=▪ muss mindestens {0} numerische Zeichen enthalten.
-policyInfo.regex.upper=▪ muss mindestens {0} Grossbuchstaben enthalten.
-policyInfo.title=Das Passwort muss den folgenden Passwort-Richtlinien entsprechen:
-reject.button.label=Ablehnen
-submit.button.label=Senden
-tan.sent=Bitte erfassen Sie den Sicherheitscode, welcher an Ihr Mobiltelefon gesendet wurde.
-title.logout=Logout
-title.logout.confirmation=Logout
-title.logout.reminder=Logout
-title.oauth.consent=Client Authorisierung
-title.saml.failed=Error
-title.timeout.page=Logout

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/LitDict_en.properties

@@ -1,80 +0,0 @@
-
-accept.button.label=Accept
-cancel.button.label=Cancel
-continue.button.label=Continue
-deputy.profile.label=(Deputy Profile)
-error.saml.failed=Please close your browser and try again.
-error_1=Please check your input.
-error_10=Please select the correct user account.
-error_100=Certificate upload not possible. Certificate already exists. Please contact your helpdesk.
-error_101=The entered email address is not valid.
-error_11=Please use another certficate or login with another credential type.
-error_2=Please select another login name.
-error_3=Your account will be locked if next authentication fails.
-error_4=Your new password does not comply with the security policy. Please choose a different password.
-error_5=Error in password confirmation.
-error_50=The new password is too short.
-error_55=The new password has to differ from old passwords.
-error_6=Password change required.
-error_7=Change of login ID required.
-error_8=Your account has been locked due to repeated authentication failures.
-error_81=No access card found, access from internet denied.
-error_83=Your access card is no longer valid. Please contact your advisor to get a new access card.
-error_9=Session take over failed.
-error_97=You are not authorized to access this resource.
-error_98=Your account has been locked.
-error_99=System problems. Please try later.
-info.logout.confirmation=Please confirm that you want to log out.
-info.logout.reminder=Your session on this application has expired. Try again with a login.
-info.oauth.consent=Do you want to authorise this application to access your data?
-info.timeout.page=Your session on this application has expired. Try again with a login.
-login.button.label=Login
-logout.label=Logout
-logout.text=You have successfully logged out.
-method.certificate.label=Certificate
-method.fido.label=Mobile Authentication
-method.fido2.label=FIDO 2
-method.mtan.label=mTAN Code
-method.oath.label=OATH Authenticator App
-method.otp.label=OTP (One-Time Password)
-method.recovery.label=Recovery Codes
-method.safeword.label=SafeWord
-method.securid.label=SecurID
-method.ticket.label=Ticket
-outarg.lastLogin.never=Never
-policyFailure.dictionary=▪ must not be taken from a dictionary.
-policyFailure.history.History=▪ must be different from previously selected passwords.
-policyFailure.regex.control=▪ cannot contain more than {0} control characters.
-policyFailure.regex.lower=▪ must contain at least {0} lower case characters.
-policyFailure.regex.maxCharacterRepetitions=▪ characters must not occur more than {0} time(s) consecutively.
-policyFailure.regex.maxLength=▪ must be at most {0} characters long.
-policyFailure.regex.minLength=▪ must be at least {0} characters long.
-policyFailure.regex.nonAlnum=▪ must contain at least {0} non-alphanumeric characters.
-policyFailure.regex.nonAscii=▪ cannot contain more than {0} non-ASCII characters.
-policyFailure.regex.nonGraph=▪ cannot contain more than {0} non-printable characters.
-policyFailure.regex.nonLetter=▪ must contain at least {0} non-letter characters.
-policyFailure.regex.numeric=▪ must contain at least {0} numeric characters.
-policyFailure.regex.upper=▪ must contain at least {0} upper case characters.
-policyInfo.dictionary=▪ must not be taken from a dictionary.
-policyInfo.history.History=▪ must be different from previously selected passwords.
-policyInfo.regex.control=▪ cannot contain more than {0} control characters.
-policyInfo.regex.lower=▪ must contain at least {0} lower case characters.
-policyInfo.regex.maxCharacterRepetitions=▪ characters must not occur more than {0} time(s) consecutively.
-policyInfo.regex.maxLength=▪ must be at most {0} characters long.
-policyInfo.regex.minLength=▪ must be at least {0} characters long.
-policyInfo.regex.nonAlnum=▪ must contain at least {0} non-alphanumeric characters.
-policyInfo.regex.nonAscii=▪ cannot contain more than {0} non-ASCII characters.
-policyInfo.regex.nonGraph=▪ cannot contain more than {0} non-printable characters.
-policyInfo.regex.nonLetter=▪ must contain at least {0} non-letter characters.
-policyInfo.regex.numeric=▪ must contain at least {0} numeric characters.
-policyInfo.regex.upper=▪ must contain at least {0} upper case characters.
-policyInfo.title=The password has to comply with the following password policy:
-reject.button.label=Deny
-submit.button.label=Submit
-tan.sent=Please enter the security code which has been sent to your mobile phone.
-title.logout=Logout
-title.logout.confirmation=Logout
-title.logout.reminder=Logout
-title.oauth.consent=Client Authorization
-title.saml.failed=Error
-title.timeout.page=Logout

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/LitDict_fr.properties

@@ -1,80 +0,0 @@
-
-accept.button.label=Accepter
-cancel.button.label=Abandonner
-continue.button.label=Continuer
-deputy.profile.label=(Profil du suppléant)
-error.saml.failed=Fermez votre navigateur et r;eacute;essayez.
-error_1=Veuillez vérifier vos données, s.v.p.
-error_10=Choisissez votre compte.
-error_100=Téléchargement du certificat pas possible. Certificat existe déjà. Veuillez contacter le helpdesk s.v.p.
-error_101=L'adresse e-mail é n'est pas valide.
-error_11=Choisissez un autre certificat, s.v.p.
-error_2=Choisissez un autre nom, s.v.p.
-error_3=Si l'authentification ne réussit pas au prochain essai, votre compte sera bloqué.
-error_4=Votre nouveau mot de passe ne conforme pas aux mesures de sécurité
-error_5=Votre confirmation du mot de passe ne correspond pas au mot de passe donné.
-error_50=Le nouveau mot de passe est trop court.
-error_55=Le nouveau mot de passe doit différer de l'ancien.
-error_6=Veuillez changer votre mot de passe, s.v.p.
-error_7=Veuillez changer votre login ID, s.v.p.
-error_8=Votre compte n'est pas active.
-error_81=Pas d'access card trouvé, l'accès par l'internet est refusé.
-error_83=Votre access card n'est plus valable, veuillez contacter votre gestionnaire.
-error_9=Il n'est pas possible de transmettre la session.
-error_97=Vous n'avez pas les autorisations nécessaires pour accéder à cette ressource.
-error_98=Votre compte a été bloqué.
-error_99=Problème technique. Veuillez essayer plus tard, s.v.p.
-info.logout.confirmation=Veuillez confirmer que vous souhaitez vous déconnecter.
-info.logout.reminder=Votre session sur cette application a expirée. Essayez encore avec un login.
-info.oauth.consent=Voulez-vous autoriser l'application?
-info.timeout.page=Votre session sur cette application a expirée. Essayez encore avec un login.
-login.button.label=Login
-logout.label=Logout
-logout.text=Au revoir
-method.certificate.label=Certificat
-method.fido.label=Mobile Authentication
-method.fido2.label=FIDO 2
-method.mtan.label=Code mTAN
-method.oath.label=Application d'authentification OATH
-method.otp.label=OTP (One-Time Password)
-method.recovery.label=Codes de récupération
-method.safeword.label=SafeWord
-method.securid.label=SecurID
-method.ticket.label=Ticket
-outarg.lastLogin.never=Jamais
-policyFailure.dictionary=▪ ne peut pas être pris d'un dictionnaire.
-policyFailure.history.History=▪ doit être différent des mots de passe préalablement sélectionnés.
-policyFailure.regex.control=▪ ne peut contenir plus de {0} caractères de commande.
-policyFailure.regex.lower=▪ doit contenir au moins {0} caractère(s) minuscule(s).
-policyFailure.regex.maxCharacterRepetitions=▪ ne peut contenir une séquence de plus de {0} du même caractère.
-policyFailure.regex.maxLength=La longueur doit être d'au plus {0}.
-policyFailure.regex.minLength=La longueur doit être d'au moins {0}.
-policyFailure.regex.nonAlnum=▪ doit contenir au moins  {0} caractères non alphanumériques.
-policyFailure.regex.nonAscii=▪ ne peut contenir plus de {0} caractères non ASCII ({1}).
-policyFailure.regex.nonGraph=▪ ne peut contenir plus de {0} caractères non imprimables ({1}).
-policyFailure.regex.nonLetter=▪ doit contenir au moins {0} caractères qui ne sont pas des lettres.
-policyFailure.regex.numeric=▪ doit comprendre {0} caractères numériques.
-policyFailure.regex.upper=▪ doit contenir au moins {0} caractère(s) majuscule(s).
-policyInfo.dictionary=▪ ne peut pas être pris d'un dictionnaire.
-policyInfo.history.History=▪ ne peut pas être l' précédemment choisis.
-policyInfo.regex.control=▪ ne peut contenir plus de {0} caractères de commande.
-policyInfo.regex.lower=▪ doit contenir au moins {0} caractère(s) minuscule(s).
-policyInfo.regex.maxCharacterRepetitions=▪ ne peut contenir une séquence de plus de {0} du même caractère.
-policyInfo.regex.maxLength=▪ la longueur doit être d'au plus {0}.
-policyInfo.regex.minLength=▪ la longueur doit être d'au moins {0}.
-policyInfo.regex.nonAlnum=▪ doit contenir au moins  {0} caractères non alphanumériques.
-policyInfo.regex.nonAscii=▪ ne peut contenir plus de {0} caractères non ASCII.
-policyInfo.regex.nonGraph=▪ ne peut contenir plus de {0} caractères non imprimables.
-policyInfo.regex.nonLetter=▪ doit contenir au moins {0} caractères qui ne sont pas des lettres.
-policyInfo.regex.numeric=▪ doit comprendre au minimum {0} caractères numériques.
-policyInfo.regex.upper=▪ doit contenir au moins {0} caractère(s) majuscule(s).
-policyInfo.title=Le mot de passe doit respecter les règles suivantes:
-reject.button.label=Refuser
-submit.button.label=Envoyer
-tan.sent=Veuillez saisir le code de sécurité que vous avez reçu au votre téléphone mobile.
-title.logout=Logout
-title.logout.confirmation=Logout
-title.logout.reminder=Logout
-title.oauth.consent=Autorisation du client
-title.saml.failed=Error
-title.timeout.page=Logout

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/LitDict_it.properties

@@ -1,80 +0,0 @@
-
-accept.button.label=Accettare
-cancel.button.label=Abortire
-continue.button.label=Continua
-deputy.profile.label=(profilo del delegato)
-error.saml.failed=Chiudi il browser e riprova.
-error_1=Verificare i dati immessi.
-error_10=Per favore selezionare il conto utente corretto.
-error_100=Impossibile caricare il certificato. Questo certificato esiste già. La preghiamo di contattare il Suo help desk.
-error_101=L'indirizzo e-mail inserito non è valido.
-error_11=Scegliere un altro certificato.
-error_2=Per favore scegliere un altro nome.
-error_3=Il conto verrà bloccato se il prossimo login non andrà a buon fine.
-error_4=La nuova password non è stata accettata. Scegliere una password che sia conforme ai criteri di password.
-error_5=La conferma della password è errata.
-error_50=La nuova password è troppo corta.
-error_55=La nuova password deve essere diversa dalla vecchia.
-error_6=È necessario modificare la password.
-error_7=Set up inizale dell'account per il portale necessario.
-error_8=L'account è stato bloccato. Rivolgersi al servizio assistenza oppure provare con un altro strumento di autenticazione.
-error_81=Nessuna carta di accesso trovata, accesso da internet rifiutato.
-error_83=La sua carta di accesso non è più valida. Per favore contatti il suo assistente per ricevere una nuova carta di accesso.
-error_9=La sessione non può essere ripresa.
-error_97=Non si dispone delle autorizzazioni necessarie per accedere a questa risorsa.
-error_98=L'account è stato bloccato.
-error_99=Errore di sistema. Riprovare.
-info.logout.confirmation=Si prega di confermare che si desidera disconnettersi.
-info.logout.reminder=La sessione su questa applicazione è scaduta. Prova ancora con un login.
-info.oauth.consent=Vuoi consentire all'applicazione?
-info.timeout.page=La sessione su questa applicazione è scaduta. Prova ancora con un login.
-login.button.label=Login
-logout.label=Logout
-logout.text=È uscito con successo.
-method.certificate.label=Certificato
-method.fido.label=Mobile Authentication
-method.fido2.label=FIDO 2
-method.mtan.label=Codice mTAN
-method.oath.label=App di autenticazione OATH
-method.otp.label=OTP (One-Time Password)
-method.recovery.label=Codici di ripristino
-method.safeword.label=SafeWord
-method.securid.label=SecurID
-method.ticket.label=Ticket
-outarg.lastLogin.never=Mai
-policyFailure.dictionary=▪ non può essere presa da un dizionario.
-policyFailure.history.History=▪ deve essere diversa da password precedenti.
-policyFailure.regex.control=▪ non può contenere più di {0} caratteri di controllo.
-policyFailure.regex.lower=▪ deve conenere almeno {0} caratteri minuscoli.
-policyFailure.regex.maxCharacterRepetitions=▪ non può contentere una sequenza più lunga di {0} caratteri uguali.
-policyFailure.regex.maxLength=▪ deve contenere al massimo {0} caratteri.
-policyFailure.regex.minLength=▪ deve contenere almeno {0} caratteri.
-policyFailure.regex.nonAlnum=▪ deve conenere almeno {0} caratteri non alfanumerici.
-policyFailure.regex.nonAscii=▪ non può contenere più di {0} caratteri non ASCII.
-policyFailure.regex.nonGraph=▪ non può contenere più di {0} caratteri non stampabili.
-policyFailure.regex.nonLetter=▪ non può contenere più di {0} numeri o caratteri speciali.
-policyFailure.regex.numeric=▪ deve contenere {0} caratteri numerici.
-policyFailure.regex.upper=▪ deve conenere almeno {0} caratteri maiuscoli.
-policyInfo.dictionary=▪ non può essere presa da un dizionario.
-policyInfo.history.History=▪ deve essere diversa dalle password precedenti.
-policyInfo.regex.control=▪ non può contenere più di {0} carattere/i di controllo.
-policyInfo.regex.lower=▪ deve conenere almeno {0} carattere/i minuscolo/i.
-policyInfo.regex.maxCharacterRepetitions=▪ non può contentere una sequenza più lunga di {0} caratteri uguali.
-policyInfo.regex.maxLength=▪ deve contenere al massimo {0} carattere/i.
-policyInfo.regex.minLength=▪ deve contenere almeno {0} carattere/i.
-policyInfo.regex.nonAlnum=▪ deve conenere almeno {0} carattere/i non alfanumerico/i.
-policyInfo.regex.nonAscii=▪ non può contenere più di {0} carattere/i non ASCII.
-policyInfo.regex.nonGraph=▪ non può contenere più di {0} carattere/i non stampabile/i.
-policyInfo.regex.nonLetter=▪ non può contenere più di {0} numero/i o caratere/i speciale/i.
-policyInfo.regex.numeric=▪ deve contenere un minimo di {0} carattere/i numerico/i.
-policyInfo.regex.upper=▪ deve conenere almeno {0} carattere/i maiuscolo/i.
-policyInfo.title=La password deve rispettare le seguenti direttive:
-reject.button.label=Rifiuti
-submit.button.label=Continua
-tan.sent=Inserisci il codice di sicurezza che è stato inviato al tuo telefono cellulare.
-title.logout=Logout
-title.logout.confirmation=Logout
-title.logout.reminder=Logout
-title.oauth.consent=Autorizzazione del client
-title.saml.failed=Error
-title.timeout.page=Logout

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/bc.properties

@@ -1 +0,0 @@
-bc.tracer.TraceIndentFactory=ch.nevis.bc.io.Log4jTraceIndentFactory

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/env.conf

@@ -1,19 +0,0 @@
-RTENV_SECURITY_CHECK=no_shell
-
-JAVA_OPTS=(
-    "-XX:+UseContainerSupport"
-    "-Dfile.encoding=UTF-8"
-    "-XX:MaxRAMPercentage=80.0"
-    "-Djava.net.preferIPv4Stack=true"
-    "-Djava.net.connectionTimeout=10000"
-    "-Djava.net.readTimeout=15000"
-    "-Dch.nevis.esauth.config=/var/opt/nevisauth/default/conf/esauth4.xml"
-    "-Djava.awt.headless=true"
-    "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
-    "-Dotel.javaagent.logging=application"
-    "-Dotel.javaagent.configuration-file=/var/opt/nevisauth/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2405.2,service.instance.id=$HOSTNAME"
-    "-Djavax.net.ssl.trustStore=/var/opt/keys/trust/tls-swissid/truststore.p12"
-    "-Djavax.net.ssl.trustStorePassword=\${exec:/var/opt/keys/trust/tls-swissid/keypass}"
-)
-

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/esauth4.security

@@ -1,2 +0,0 @@
-# this file is generated by nevisAdmin 4
-security.provider.10=org.bouncycastle.jce.provider.BouncyCastleProvider

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/esauth4.xml

@@ -1,338 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE esauth-server SYSTEM "/opt/nevisauth/dtd/esauth4.dtd">
-<esauth-server instance="nai">
-    <!-- source: pattern://6ec6739e824c8e56d9633622, pattern://b67f81a971e4c08aa79040a2 -->
-    <SessionCoordinator sessionInitialInactivityTimeout="600" sessionInactivityTimeout="28800" sessionMaxLifetime="28800" sessionIdPreGenerate="true">
-        <!-- source: pattern://6ec6739e824c8e56d9633622 -->
-        <LocalSessionStore maxSessions="100000"/>
-        <!-- source: pattern://6ec6739e824c8e56d9633622 -->
-        <TokenAssembler name="DefaultTokenAssembler">
-            <Selector default="true"/>
-            <!-- source: pattern://b67f81a971e4c08aa79040a2 -->
-            <TokenSpec ttl="28800">
-                <!-- source: pattern://6ec6739e824c8e56d9633622 -->
-                <field src="session" key="ch.nevis.session.sessid" as="sessid"/>
-                <!-- source: pattern://6ec6739e824c8e56d9633622 -->
-                <field src="session" key="ch.nevis.session.userid" as="userid"/>
-                <!-- source: pattern://6ec6739e824c8e56d9633622 -->
-                <field src="session" key="ch.nevis.session.authlevel" as="authLevel"/>
-                <!-- source: pattern://6ec6739e824c8e56d9633622 -->
-                <field src="session" key="ch.nevis.session.esauthid" as="esauthid"/>
-                <!-- source: pattern://6ec6739e824c8e56d9633622 -->
-                <field src="session" key="ch.nevis.session.entryid" as="entryid"/>
-                <!-- source: pattern://6ec6739e824c8e56d9633622 -->
-                <field src="session" key="ch.nevis.session.loginid" as="loginId"/>
-                <!-- source: pattern://6ec6739e824c8e56d9633622 -->
-                <field src="session" key="ch.nevis.session.domain" as="domain"/>
-                <!-- source: pattern://6ec6739e824c8e56d9633622 -->
-                <field src="session" key="ch.nevis.session.secroles" as="roles"/>
-            </TokenSpec>
-            <!-- source: pattern://6ec6739e824c8e56d9633622 -->
-            <Signer key="DefaultSigner"/>
-        </TokenAssembler>
-        <!-- source: pattern://6ec6739e824c8e56d9633622 -->
-        <KeyStore name="DefaultKeyStore">
-            <!-- source: pattern://6ec6739e824c8e56d9633622 -->
-            <KeyObject name="DefaultSigner" certificate="/var/opt/keys/own/nai-sh4r3d-default-default-signer/cert.pem" privateKey="/var/opt/keys/own/nai-sh4r3d-default-default-signer/keystore.jks" passPhrase="pipe:///var/opt/keys/own/nai-sh4r3d-default-default-signer/keypass"/>
-            <!-- source: pattern://6ec6739e824c8e56d9633622 -->
-            <KeyObject name="DefaultSignerTrust" certificate="/var/opt/keys/trust/nai-default-default-signer-trust/truststore.jks"/>
-        </KeyStore>
-        <!-- source: pattern://d9ea344685ab4a9bb0e1e3e7 -->
-        <KeyStore name="JwtToken">
-            <!-- source: pattern://d9ea344685ab4a9bb0e1e3e7 -->
-            <KeyObject name="tokensigner" certificate="/var/opt/keys/own/tokensigner/cert.pem" privateKey="/var/opt/keys/own/tokensigner/keystore.jks" passPhrase="pipe:///var/opt/keys/own/tokensigner/keypass"/>
-        </KeyStore>
-    </SessionCoordinator>
-    <!-- source: pattern://6ec6739e824c8e56d9633622 -->
-    <LocalOutOfContextDataStore reaperPeriod="60"/>
-    <!-- source: pattern://6ec6739e824c8e56d9633622, pattern://b67f81a971e4c08aa79040a2 -->
-    <AuthEngine useLiteralDictionary="true" literalDictionaryLanguages="en,de,fr,it" inputLanguageCookie="LANG" compatLevel="none" addAutheLevelToSecRoles="true" classPath="/var/opt/nevisauth/default/plugin:/opt/nevisauth/plugin" propagateSession="false">
-        <!-- source: pattern://b67f81a971e4c08aa79040a2 -->
-        <Domain name="cossa_realm" default="false" inactiveInterval="7200" reauthInterval="0" resetAuthenticationCondition="${inargs:cancel}">
-            <Entry method="authenticate" state="cossa_realm_TokenExchangeEndpoint"/>
-            <Entry method="authenticate" state="cossa_realm_TokenExchangeEndpoint" selector="${request:currentResource:^http[s]?\u003A//[^/]+/token/.*$:true}"/>
-            <Entry method="logout" state="cossa_realm_AuthorizationServer"/>
-            <Entry method="logout" state="cossa_realm_AuthorizationServer" selector="${request:currentResource:^http[s]?\u003A//[^/]+/token/.*$:true}"/>
-            <Entry method="stepup" state="cossa_realm_Selector"/>
-            <Entry method="stepup" state="cossa_realm_TokenExchangeEndpoint" selector="${request:currentResource:^http[s]?\u003A//[^/]+/token/.*$:true}"/>
-        </Domain>
-        <AuthState name="cossa_realm_TokenExchangeEndpoint" class="ch.adnovum.cossa.TokenExchangeEndpoint" authLevel="auth.weak" final="false" resumeState="true">
-            <!-- source: pattern://89578db79d2bc15d55e11141 -->
-            <ResultCond name="failed" next="cossa_realm_auth_failed"/>
-            <!-- source: pattern://89578db79d2bc15d55e11141 -->
-            <ResultCond name="invalid_client" next="cossa_realm_auth_failed"/>
-            <!-- source: pattern://89578db79d2bc15d55e11141 -->
-            <ResultCond name="invalid_grant" next="cossa_realm_auth_failed"/>
-            <!-- source: pattern://89578db79d2bc15d55e11141 -->
-            <ResultCond name="invalid_request" next="cossa_realm_auth_failed"/>
-            <!-- source: pattern://89578db79d2bc15d55e11141 -->
-            <ResultCond name="invalid_scope" next="cossa_realm_auth_failed"/>
-            <!-- source: pattern://89578db79d2bc15d55e11141 -->
-            <ResultCond name="ok" next="cossa_realm_IdTokenVerification"/>
-            <!-- source: pattern://89578db79d2bc15d55e11141 -->
-            <ResultCond name="refresh_token" next="cossa_realm_RewriteRequestForAuthorizationServerAuthstate"/>
-            <!-- source: pattern://89578db79d2bc15d55e11141 -->
-            <ResultCond name="unauthorized_client" next="cossa_realm_auth_failed"/>
-            <!-- source: pattern://89578db79d2bc15d55e11141 -->
-            <ResultCond name="unsupported_grant_type" next="cossa_realm_auth_failed"/>
-            <!-- source: pattern://89578db79d2bc15d55e11141 -->
-            <Response value="AUTH_CONTINUE">
-                <!-- source: pattern://89578db79d2bc15d55e11141 -->
-                <Gui name="Default"/>
-            </Response>
-            <propertyRef name="cossa_realm_AuthorizationServer"/>
-        </AuthState>
-        <AuthState name="cossa_realm_auth_failed" class="ch.nevis.esauth.auth.states.standard.AuthError" final="false">
-            <!-- source: pattern://72e29eb80a951e518ce123e4 -->
-            <Response value="AUTH_ERROR">
-                <!-- source: pattern://72e29eb80a951e518ce123e4 -->
-                <Gui name="Error">
-                    <!-- source: pattern://72e29eb80a951e518ce123e4 -->
-                    <GuiElem name="info" type="error" label="error_99"/>
-                    <!-- source: pattern://72e29eb80a951e518ce123e4 -->
-                    <GuiElem name="submit" type="button" label="continue.button.label"/>
-                </Gui>
-            </Response>
-        </AuthState>
-        <AuthState name="cossa_realm_IdTokenVerification" class="ch.adnovum.cossa.IdTokenVerification" final="false" resumeState="false">
-            <!-- source: pattern://a976546c6a56dc04c0d34592 -->
-            <ResultCond name="failed" next="cossa_realm_auth_failed"/>
-            <!-- source: pattern://a976546c6a56dc04c0d34592 -->
-            <ResultCond name="invalid_grant" next="cossa_realm_auth_failed"/>
-            <!-- source: pattern://a976546c6a56dc04c0d34592 -->
-            <ResultCond name="ok" next="cossa_realm_klpscope"/>
-            <!-- source: pattern://a976546c6a56dc04c0d34592 -->
-            <Response value="AUTH_CONTINUE">
-                <!-- source: pattern://a976546c6a56dc04c0d34592 -->
-                <Gui name="Default"/>
-            </Response>
-            <!-- source: pattern://a976546c6a56dc04c0d34592 -->
-            <property name="well_known_url" value="https://login.sandbox.pre.swissid.ch/idp/oauth2/.well-known/openid-configuration"/>
-            <!-- source: pattern://a976546c6a56dc04c0d34592 -->
-            <property name="httpclient.tls.trustAll" value="true"/>
-            <!-- source: pattern://a976546c6a56dc04c0d34592 -->
-            <property name="use_caching" value="true"/>
-        </AuthState>
-        <AuthState name="cossa_realm_RewriteRequestForAuthorizationServerAuthstate" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false">
-            <!-- source: pattern://b6cbd53b8eee023b6d65f62d -->
-            <ResultCond name="ok" next="cossa_realm_AuthorizationServer"/>
-            <!-- source: pattern://b6cbd53b8eee023b6d65f62d -->
-            <Response value="AUTH_ERROR">
-                <!-- source: pattern://b6cbd53b8eee023b6d65f62d -->
-                <Arg name="ch.nevis.isiweb4.response.status" value="403"/>
-            </Response>
-            <!-- source: pattern://b6cbd53b8eee023b6d65f62d -->
-            <property name="inargs:grant_type" value="refresh_token"/>
-            <!-- source: pattern://b6cbd53b8eee023b6d65f62d -->
-            <property name="inargs:refresh_token" value="${inargs:subject_token}"/>
-        </AuthState>
-        <AuthState name="cossa_realm_AuthorizationServer" class="ch.nevis.esauth.auth.states.oauth2.AuthorizationServer" final="false" resumeState="true">
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <ResultCond name="authenticate:valid-authorization-request" next="cossa_realm_simulatelogin"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <ResultCond name="invalid-authorization-request" next="cossa_realm_auth_failed"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <ResultCond name="invalid-client" next="cossa_realm_JwtToken"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <ResultCond name="invalid-redirect-uri" next="cossa_realm_auth_failed"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <ResultCond name="invalid-token-request" next="cossa_realm_auth_failed"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <ResultCond name="stepup:valid-authorization-request" next="cossa_realm_simulatelogin"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="keystoreref" value="JwtToken"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="jwt.bearer.aud" value="testaudience"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="keyobjectref" value="tokensigner"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="keyID" value="tokensigner"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="openid.idTokenLifetime" value="600"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="authCodeLifetime" value="60"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="propagationScope" value="session"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="dataSource" value="nevisMeta"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="nevismeta.location" value="https://hans.agov-d.azure.adnovum.net/nevismeta/rest/modules/oauthv2/setups/Setup_00000000000000000000000000000000/entities/"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="openid.support" value="true"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="openid.issuerId" value="https://cossa.agov-w.azure.adnovum.net"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.openid" value=""/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.openid.authorizationCodeFlowPolicy" value="NO_CONSENT_REQUIRED"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.openid.refreshTokenRequestPolicy" value="NO_CONSENT_REQUIRED"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.openid.implicitFlowPolicy" value="NO_CONSENT_REQUIRED"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.openid.clientCredentialsFlowPolicy" value="true"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.offline_access" value=""/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.offline_access.authorizationCodeFlowPolicy" value="NO_CONSENT_REQUIRED"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.offline_access.refreshTokenRequestPolicy" value="NO_CONSENT_REQUIRED"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.offline_access.implicitFlowPolicy" value="NO_CONSENT_REQUIRED"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.offline_access.clientCredentialsFlowPolicy" value="true"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.address" value=""/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.address.authorizationCodeFlowPolicy" value="NO_CONSENT_REQUIRED"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.address.refreshTokenRequestPolicy" value="NO_CONSENT_REQUIRED"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.address.implicitFlowPolicy" value="NO_CONSENT_REQUIRED"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.address.clientCredentialsFlowPolicy" value="true"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.profile" value=""/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.profile.authorizationCodeFlowPolicy" value="NO_CONSENT_REQUIRED"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.profile.refreshTokenRequestPolicy" value="NO_CONSENT_REQUIRED"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.profile.implicitFlowPolicy" value="NO_CONSENT_REQUIRED"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.profile.clientCredentialsFlowPolicy" value="true"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.email" value=""/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.email.authorizationCodeFlowPolicy" value="NO_CONSENT_REQUIRED"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.email.refreshTokenRequestPolicy" value="NO_CONSENT_REQUIRED"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.email.implicitFlowPolicy" value="NO_CONSENT_REQUIRED"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.email.clientCredentialsFlowPolicy" value="true"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.phone" value=""/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.phone.authorizationCodeFlowPolicy" value="NO_CONSENT_REQUIRED"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.phone.refreshTokenRequestPolicy" value="NO_CONSENT_REQUIRED"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.phone.implicitFlowPolicy" value="NO_CONSENT_REQUIRED"/>
-            <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
-            <property name="scope.phone.clientCredentialsFlowPolicy" value="true"/>
-        </AuthState>
-        <AuthState name="cossa_realm_klpscope" class="ch.adnovum.cossa.KLPScopeToProfileBinding" final="false" resumeState="true">
-            <!-- source: pattern://9c293034211ea47bd3e9c12b -->
-            <ResultCond name="default" next="cossa_realm_CallPolicyVerificationAPI"/>
-            <!-- source: pattern://9c293034211ea47bd3e9c12b -->
-            <Response value="AUTH_CONTINUE"/>
-            <!-- source: pattern://9c293034211ea47bd3e9c12b -->
-            <property name="prioritiesSource" value="klp-profiles.conf"/>
-            <!-- source: pattern://9c293034211ea47bd3e9c12b -->
-            <property name="profileExpression" value="oauth2.scope.${notes:scope}.metadata.klp_profile"/>
-        </AuthState>
-        <AuthState name="cossa_realm_simulatelogin" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false">
-            <!-- source: pattern://680c047dd9a5220fae3c9c3e -->
-            <ResultCond name="ok" next="cossa_realm_Prepare_Done"/>
-            <!-- source: pattern://680c047dd9a5220fae3c9c3e -->
-            <Response value="AUTH_ERROR">
-                <!-- source: pattern://680c047dd9a5220fae3c9c3e -->
-                <Arg name="ch.nevis.isiweb4.response.status" value="403"/>
-            </Response>
-            <!-- source: pattern://680c047dd9a5220fae3c9c3e -->
-            <property name="request:UserId" value="39c985c5-a1e8-4c64-8c34-aeac0cd82109"/>
-            <!-- source: pattern://680c047dd9a5220fae3c9c3e -->
-            <property name="roles:add" value="1"/>
-            <!-- source: pattern://680c047dd9a5220fae3c9c3e -->
-            <property name="session:ch.adnovum.nevisidm.clientId" value="100"/>
-            <!-- source: pattern://680c047dd9a5220fae3c9c3e -->
-            <property name="session:ch.adnovum.nevisidm.profileId" value="a6d8860a-26b7-420c-8c3d-1f531d9fd968"/>
-            <!-- source: pattern://680c047dd9a5220fae3c9c3e -->
-            <property name="session:ch.nevis.session.loginid" value="meta.admin@adnovum.ch"/>
-        </AuthState>
-        <AuthState name="cossa_realm_JwtToken" class="ch.nevis.esauth.auth.states.jwt.JWTToken" final="false" resumeState="true">
-            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
-            <ResultCond name="ok" next="cossa_realm_Prepare_Done"/>
-            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
-            <Response value="AUTH_ERROR"/>
-            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
-            <property name="out.audience" value="https://www.adnovum.ch"/>
-            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
-            <property name="out.issuer" value="https://my.nevis.server"/>
-            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
-            <property name="out.time_to_live" value="86400"/>
-            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
-            <property name="token.algorithm" value="RS256"/>
-            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
-            <property name="keystoreref" value="JwtToken"/>
-            <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
-            <property name="keyobjectref" value="tokensigner"/>
-        </AuthState>
-        <AuthState name="cossa_realm_CallPolicyVerificationAPI" class="ch.adnovum.cossa.CallPolicyVerificationAPI" final="false" resumeState="false">
-            <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
-            <ResultCond name="multiple_profiles" next="cossa_realm_Authentication_Failed"/>
-            <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
-            <ResultCond name="no_valid_profile" next="cossa_realm_Authentication_Failed"/>
-            <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
-            <ResultCond name="ok" next="cossa_realm_Prepare_Done"/>
-            <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
-            <Response value="AUTH_CONTINUE">
-                <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
-                <Gui name="Default"/>
-            </Response>
-            <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
-            <property name="evaluatePoliciesForAllProfiles" value="false"/>
-            <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
-            <property name="klpURL" value="https://klp.agov-w.azure.adnovum.net/api/endpoint"/>
-            <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
-            <property name="basicAuthUsername" value="testbasicauth"/>
-            <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
-            <property name="basicAuthPassword" value="testtesttest"/>
-        </AuthState>
-        <AuthState name="cossa_realm_Prepare_Done" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
-            <!-- source: pattern://b67f81a971e4c08aa79040a2 -->
-            <ResultCond name="default" next="cossa_realm_Auth_Done"/>
-            <!-- source: pattern://b67f81a971e4c08aa79040a2 -->
-            <Response value="AUTH_DONE">
-                <!-- source: pattern://b67f81a971e4c08aa79040a2 -->
-                <Gui name="ContinueResponse"/>
-            </Response>
-            <!-- source: pattern://b67f81a971e4c08aa79040a2 -->
-            <property name="script" value="file:///var/opt/nevisauth/default/conf/prepare_done.groovy"/>
-        </AuthState>
-        <AuthState name="cossa_realm_Authentication_Failed" class="ch.nevis.esauth.auth.states.standard.AuthError" final="false">
-            <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
-            <Response value="AUTH_ERROR">
-                <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
-                <Gui name="Error">
-                    <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
-                    <GuiElem name="info" type="error" label="error_99"/>
-                    <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
-                    <GuiElem name="submit" type="button" label="continue.button.label"/>
-                </Gui>
-            </Response>
-        </AuthState>
-        <AuthState name="cossa_realm_Auth_Done" class="ch.nevis.esauth.auth.states.standard.AuthDone" final="false">
-            <!-- source: pattern://b67f81a971e4c08aa79040a2 -->
-            <Response value="AUTH_DONE">
-                <!-- source: pattern://b67f81a971e4c08aa79040a2 -->
-                <Gui name="ContinueResponse"/>
-            </Response>
-        </AuthState>
-        <AuthState name="cossa_realm_Selector" class="ch.nevis.esauth.auth.states.standard.ConditionalDispatcherState" final="false">
-            <!-- source: pattern://b67f81a971e4c08aa79040a2 -->
-            <ResultCond name="nomatch" next="cossa_realm_Prepare_Done"/>
-            <!-- source: pattern://b67f81a971e4c08aa79040a2 -->
-            <Response value="AUTH_ERROR">
-                <!-- source: pattern://b67f81a971e4c08aa79040a2 -->
-                <Arg name="ch.nevis.isiweb4.response.status" value="403"/>
-            </Response>
-        </AuthState>
-    </AuthEngine>
-    <!-- source: pattern://b0fedec4607e1e69103b8497 -->
-    <RESTService name="rest" class="ch.nevis.esauth.rest.service.tokenintrospection.TokenIntrospectionService" path="/oauth/introspect2/">
-        <!-- source: pattern://b0fedec4607e1e69103b8497 -->
-        <property name="authstates" value="cossa_realm_AuthorizationServer"/>
-    </RESTService>
-</esauth-server>

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/klp-profiles.conf

@@ -1,25 +0,0 @@
-suisseid_auth_address_verified
-suisseid_auth_address_required
-suisseid_auth_mobile_verified
-suisseid_auth_mobile_required
-suisseid_auth_phone_required
-suisseid_auth
-password_auth_address_verified
-password_auth_address_required
-password_auth_mobile_verified
-password_auth_mobile_required
-password_auth_phone_required
-password_auth
-email_auth_address_verified
-email_auth_address_required
-email_auth_mobile_verified
-email_auth_mobile_required
-email_auth_phone_required
-email_auth
-autologin_auth_address_verified
-autologin_auth_address_required
-autologin_auth_mobile_verified
-autologin_auth_mobile_required
-autologin_auth_phone_required
-autologin_auth
-default

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/logging.yml

@@ -1,57 +0,0 @@
-Configuration:
-  monitorInterval: 60
-  Appenders:
-    Console:
-    - name: "SERVER"
-      target: "SYSTEM_OUT"
-      PatternLayout:
-        pattern: "[esauth4sv.log] %d{ISO8601} %-15.15t %mdc{trace_id} %mdc{span_id} %-20.20c %-5.5p %m%n"
-      RegexFilter:
-        regex: ".*GET /nevisauth/liveness.*"
-        onMatch: "DENY"
-        onMismatch: "ACCEPT"
-  Loggers:
-    Logger:
-    - name: "EsAuthStart"
-      level: "INFO"
-    - name: "org.apache.catalina.loader.WebappClassLoader"
-      level: "FATAL"
-    - name: "org.apache.catalina.startup.HostConfig"
-      level: "ERROR"
-    - name: "ch.nevis.esauth.events"
-      level: "FATAL"
-    - name: "AuthEngine"
-      level: "INFO"
-    - name: "HttpClient"
-      level: "TRACE"
-    - name: "OAuth2"
-      level: "DEBUG"
-    - name: "StdStates"
-      level: "DEBUG"
-    - name: "Vars"
-      level: "INFO"
-    - name: "ch.adnovum.cossa.CachingIDTokenVerifier"
-      level: "DEBUG"
-    - name: "ch.adnovum.cossa.CallPolicyVerificationAPI"
-      level: "DEBUG"
-    - name: "ch.adnovum.cossa.IDTokenVerifier"
-      level: "DEBUG"
-    - name: "ch.adnovum.cossa.IdTokenVerification"
-      level: "DEBUG"
-    - name: "ch.adnovum.cossa.KLPScopeToProfileBinding"
-      level: "DEBUG"
-    - name: "ch.adnovum.cossa.SimpleIDTokenValidator"
-      level: "DEBUG"
-    - name: "ch.adnovum.cossa.SimpleIDTokenVerifier"
-      level: "DEBUG"
-    - name: "ch.adnovum.cossa.TokenExchangeEndpoint"
-      level: "DEBUG"
-    - name: "ch.adnovum.cossa.TokenExchangeEndpointRefresh"
-      level: "DEBUG"
-    - name: "ch.adnovum.cossa.TokenGenerator"
-      level: "DEBUG"
-    Root:
-      level: "WARN"
-      additivity: "false"
-      AppenderRef:
-      - ref: "SERVER"

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/nevisauth.yml

@@ -1,16 +0,0 @@
-server:
-  name: "default"
-  protocol: "https"
-  port: "8991"
-  host: "0.0.0.0"
-  tls:
-    keystore: "/var/opt/keys/own/nai-default-identity/keystore.p12"
-    keystore-passphrase: "${exec:/var/opt/keys/own/nai-default-identity/keypass}"
-    client-auth: "required"
-    truststore: "/var/opt/keys/trust/nai-default-tls-client-trust/truststore.p12"
-    truststore-passphrase: "${exec:/var/opt/keys/trust/nai-default-tls-client-trust/keypass}"
-management:
-  server:
-    port: "9000"
-  healthchecks:
-    enabled: "true"

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/otel.properties

@@ -1,4 +0,0 @@
-otel.service.name = nai
-otel.traces.exporter = none
-otel.metrics.exporter = none
-otel.logs.exporter = none

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/prepare_done.groovy

@@ -1,23 +0,0 @@
-// nevisProxy replaces the entire AUTH: scope when new outargs are returned by nevisAuth.
-// Thus, we have to store tokens in the session (as a String) and restore them on subsequent step-ups.
-
-// restore tokens
-session.each { key, value ->
-    if (key.startsWith('outarg.token.')) {
-        def name = key.substring(7)
-        if (outargs.containsKey(name)) {
-            LOG.debug("not restoring token (outarg: $name) from session: outarg already set")
-        }
-        else {
-            LOG.debug("restoring token (outarg: $name) from session")
-            outargs.put(name, value)
-        }
-    }
-}
-
-// store tokens
-outargs.each { name, value ->
-    if (name.startsWith('token.')) {
-        session.put('outarg.' + name, value)
-    }
-}

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/status.sh

@@ -1,79 +0,0 @@
-#!/bin/bash
-#
-# NAME
-#     status.sh - Checks the status of the nevisAuth instance.
-#
-# SYNOPSIS
-#     status.sh
-#
-# DESCRIPTION
-#     Performs periodic checks until the instance is up or broken or timeout is reached.
-#     The script terminates when the process of the instance stops running.
-#     There are no arguments for this script.
-#
-# EXIT CODES
-#  0    Instance is up.
-#  1    Instance process is not running.
-#  2    Instance is broken.
-#  3    Timeout reached.
-
-# Defines how much we should sleep between checking if the instance is up.
-interval=1
-# Defines how much we should wait the instance to start up until we give up and exit.
-timeout=70
-((end_time=${SECONDS}+$timeout))
-
-# Checks if the process of the instance is still running.
-# Arguments:
-#   None
-# Returns:
-#   In case it is running, returns 0, otherwise non-zero (exit code of systemctl).
-isProcessRunning() {
-  systemctl is-active --quiet nevisauth@default
-  IS_RUNNING=$?
-  return $IS_RUNNING
-}
-
-# Checks if the instance is up. (Attempts connecting to the instance)
-# Arguments:
-#   None
-# Returns:
-#   If the connection was successful and the instance up (is not broken), returns 0.
-#   If the connection was not successful, returns 1.
-checkInstance() {
-  lsof -i :8991 -sTCP:LISTEN
-  EXIT_CODE=$?
-  return $EXIT_CODE
-}
-
-# This function encapsulates the logic of checking if the process is running and if the instance is up.
-# In case the process is not running, exits with exit code 1.
-# Arguments:
-#   None
-# Returns:
-#   If the instance process is running, returns the result of the instance check function.
-check() {
- if isProcessRunning
-  then
-    checkInstance
-    CS=$?
-    return $CS
-  else
-    echo "Process is not running."
-    exit 1
-  fi
-}
-
-# Check the status of the instance periodically.
-while ((${SECONDS} < ${end_time}))
-do
-  sleep ${interval}
-  if check
-  then
-    echo "Instance is up."
-    exit 0
-  fi
-done
-
-echo "Exceeded check timeout (70s). Instance is down."
-exit 3

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/etc/nevis/k8s-nai2-5a02ce1399ca42298422a320.yaml

@@ -1,60 +0,0 @@
-apiVersion: "operator.nevis-security.ch/v1"
-kind: "NevisComponent"
-metadata:
-  name: "nai2"
-  namespace: "adn-postit-tknxchng-01-dev"
-  labels:
-    deploymentTarget: "nai2"
-  annotations:
-    projectKey: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT"
-    patternId: "5a02ce1399ca42298422a320"
-spec:
-  type: "NevisAuth"
-  replicas: 1
-  version: "8.2405.2"
-  gitInitVersion: "1.3.0"
-  runAsNonRoot: true
-  ports:
-    management: 9000
-    soap: 8991
-  resources:
-    limits:
-      cpu: "2"
-      memory: "2000Mi"
-    requests:
-      cpu: "20m"
-      memory: "1000Mi"
-  livenessProbe:
-    soap:
-      tcpSocket: true
-      periodSeconds: 5
-      timeoutSeconds: 4
-  readinessProbe:
-    management:
-      httpGet:
-        path: "/nevisauth/liveness"
-      periodSeconds: 5
-      timeoutSeconds: 6
-  startupProbe:
-    management:
-      httpGet:
-        path: "/nevisauth/liveness"
-      periodSeconds: 5
-      timeoutSeconds: 6
-      failureThreshold: 50
-  podDisruptionBudget:
-    maxUnavailable: "50%"
-  git:
-    tag: "r-46b3c950256851308e60d2bd8d5de9ae4cc6f50e"
-    dir: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2"
-    credentials: "git-credentials"
-  keystores:
-  - "nai2-sh4r3d-default-default-signer"
-  - "nai2-default-identity"
-  truststores:
-  - "nai2-default-default-signer-trust"
-  - "nai2-default-tls-client-trust"
-  podSecurity:
-    policy: "baseline"
-    automountServiceAccountToken: false
-  timeZone: "Europe/Zurich"

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/etc/nevis/k8s-nai2-default-default-signer-trust-5a02ce1399ca42298422a320.yaml

@@ -1,14 +0,0 @@
-apiVersion: "operator.nevis-security.ch/v1"
-kind: "NevisTrustStore"
-metadata:
-  name: "nai2-default-default-signer-trust"
-  namespace: "adn-postit-tknxchng-01-dev"
-  labels:
-    deploymentTarget: "nai2"
-  annotations:
-    projectKey: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT"
-    patternId: "5a02ce1399ca42298422a320"
-spec:
-  keystores:
-  - name: "nai2-sh4r3d-default-default-signer"
-    namespace: "adn-postit-tknxchng-01-dev"

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/etc/nevis/k8s-nai2-default-identity-5a02ce1399ca42298422a320.yaml

@@ -1,18 +0,0 @@
-apiVersion: "operator.nevis-security.ch/v1"
-kind: "NevisKeyStore"
-metadata:
-  name: "nai2-default-identity"
-  namespace: "adn-postit-tknxchng-01-dev"
-  labels:
-    deploymentTarget: "nai2"
-  annotations:
-    projectKey: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT"
-    patternId: "5a02ce1399ca42298422a320"
-spec:
-  cn: "nai2"
-  usage: "<reserved for future use>"
-  san:
-    dns:
-    - "nai2"
-    - "nai2.adn-postit-tknxchng-01-dev"
-    email: []

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/etc/nevis/k8s-nai2-default-tls-client-trust-5a02ce1399ca42298422a320.yaml

@@ -1,14 +0,0 @@
-apiVersion: "operator.nevis-security.ch/v1"
-kind: "NevisTrustStore"
-metadata:
-  name: "nai2-default-tls-client-trust"
-  namespace: "adn-postit-tknxchng-01-dev"
-  labels:
-    deploymentTarget: "nai2"
-  annotations:
-    projectKey: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT"
-    patternId: "5a02ce1399ca42298422a320"
-spec:
-  keystores:
-  - name: "npi-mockrelam-identity"
-    namespace: "adn-postit-tknxchng-01-dev"

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/etc/nevis/k8s-nai2-sh4r3d-default-default-signer-5a02ce1399ca42298422a320.yaml

@@ -1,16 +0,0 @@
-apiVersion: "operator.nevis-security.ch/v1"
-kind: "NevisKeyStore"
-metadata:
-  name: "nai2-sh4r3d-default-default-signer"
-  namespace: "adn-postit-tknxchng-01-dev"
-  labels:
-    deploymentTarget: "nai2"
-  annotations:
-    projectKey: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT"
-    patternId: "5a02ce1399ca42298422a320"
-spec:
-  cn: "signer"
-  usage: "signer"
-  san:
-    dns: []
-    email: []

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/etc/nevis/nevisauth_default.yml

@@ -1,18 +0,0 @@
-schemaVersion: 1.0
-instance:
-  type: "nevisauth"
-  name: "default"
-  directory: "/var/opt/nevisauth/default"
-  pid: "systemctl show nevisauth@default -p MainPID | cut -d '=' -f2"
-  source:
-    url: "/nevisadmin/#/projects/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/patterns/5a02ce1399ca42298422a320"
-    projectKey: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT"
-    patternId: "5a02ce1399ca42298422a320"
-    patternClass: "ch.nevis.admin.v4.plugin.nevisauth.patterns.NevisAuthDeployable"
-  resources:
-    ports:
-    - "0.0.0.0:8991"
-  control:
-    start: "systemctl restart nevisauth@default &"
-    stop: "systemctl stop nevisauth@default"
-    status: "systemctl status nevisauth@default"

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/var/opt/keys/trust/tls-swissid/keypass

@@ -1,2 +0,0 @@
-#!/bin/bash
-echo 'password'

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/var/opt/keys/trust/tls-swissid/truststore.pem

@@ -1,38 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIGkzCCBHugAwIBAgIULa4PojoMOF/785XA2QNkLRQYTS4wDQYJKoZIhvcNAQEL
-BQAwUTELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzErMCkGA1UE
-AxMiU3dpc3NTaWduIFJTQSBUTFMgUm9vdCBDQSAyMDIyIC0gMTAeFw0yMjA2Mjkw
-OTMwNDdaFw0zNjA2MjkwOTMwNDdaMFAxCzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxT
-d2lzc1NpZ24gQUcxKjAoBgNVBAMTIVN3aXNzU2lnbiBSU0EgVExTIEVWIElDQSAy
-MDIyIC0gMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL61hlRf7Jxo
-0msjavo1pgChwWBDYix5Zd0CnhciVYUCk30Ko6BxFBICoSsZ1gXGqlT20g/AYqYL
-xuKcdNNAJ/LHT6k2zL3UhSpx+eHjeTGQ7id2jC1HKRZ9zA8YXdhtY3oJom7B3ykE
-d/j0KVmHy9tP1A0rt3ntbJLfLIS6uWogx2KfFs8MwtoAZLiGvp49SHly6p450fcz
-payPIWu12PfVQjLg7b9NitlDlYEWiCAL7R3jINw2yMwcdBvq2gy+ZZsiYkSb1m+h
-ABOGxU6SCN6w7GgRWWveSaJBvRokUvIon/wsZK51j8RM4TsoR60Wei8ftSBL75BI
-g9Us8dkBXDa8vqoDVpc9zs6pan5XN8KymNT52j4gEe161eYTtbiME4KdSWtVsA7e
-rdkHsXKJTRIxxdpUkQXxhLXEoyDed/BVgV1yhTeN6YCFX7AiocAi5rPUplc6LV58
-CCUWFMSWEJxOYQUrwWFLNzQMnE969hnvdhuO8ZeqtpwFwX/OLryWoil+jGobRm/1
-OQS9+urcVygrzZ9Dy9Q/OF/oq9NeaijvL2Ncjkj5f6uJzgXkm7PwjnHrL2FWBkhp
-oM/vyT1VAgWNoku3jIyedtyJ9lUECwPIzQuddQYOL8FwhaFmvtHnOLpiy2ctbwir
-gJW+KcsNkpHg0N5stJcPzPvlssmNBHbNAgMBAAGjggFiMIIBXjBcBggrBgEFBQcB
-AQRQME4wTAYIKwYBBQUHMAKGQGh0dHA6Ly9haWEuc3dpc3NzaWduLmNoL2Fpci1h
-ZWZmMzc0ZC0wZjdhLTRjNTUtYTAzNC0xNDQwMjkwY2ZhMzIwEgYDVR0TAQH/BAgw
-BgEB/wIBADAoBgNVHSAEITAfMAcGBWeBDAEBMAgGBgQAj3oBBDAKBghghXQBWQIB
-AzBRBgNVHR8ESjBIMEagRKBChkBodHRwOi8vY3JsLnN3aXNzc2lnbi5jaC9jZHAt
-OTY2MWMyOWYtOTEyMS00ZjQ2LWFjZDgtZWFkNGEyMmY3MTYwMB0GA1UdJQQWMBQG
-CCsGAQUFBwMBBggrBgEFBQcDAjAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFElS
-3zCGkllfNJwlSCSrwOvRBvLWMB8GA1UdIwQYMBaAFG+OYouTQ7DhQPanw/3xD7gP
-FTilMA0GCSqGSIb3DQEBCwUAA4ICAQBugn943V4fbEbG+Leb4YXTWLLfPIC+mrdc
-H6v1+Iws+XCzoKthaDk0c346mSaXZM9to5xDOWgfEnBYbVioMyI/5EABbg4ARkgp
-dj50FPe9MtLD4kOZFv/8LoRH+WdAfQUsxS1RQincUnYWAxmRNOHLdnbyiQt3sYDl
-6tZzURSMnMUec4stxfLT4VQE1Ew6Phr06CouYOd5ON+mWkFhROz3jx5PTXcECrqQ
-IT27wJ4mzKA6W9p69ZDFi/+FcpN9vCjzksi0w8i62DwtbO8Pj3ZEOL8z6+cwXyT7
-X7Zt96vufj+bsxFo1IXQ6cb2i13qpThSHL4NA1NhUbB/ipMbxNtBJ4fwtcG8SAUs
-jRXgG/RYrXRorG90KU/dcezixY4yKnlIdkkhpV7h8jY2+XS7GbjaKee8pPeAFXgs
-Hzdi+EhZvHOVfshaKL2CAELrYn8Tzo2Zt9zsbif8L7bPJROS3xqzn+GbCFt67/8Y
-jTh84Taa4D49H6V+p01QPkvG7ub7Rw52fm56zY3mabbhbsREOceswsfunxSN/SOE
-pLKVMopuVnRcwVIWmnzH9BlBhIzLqOS4kCYA5E5Irw217j/JTGVWEdMN0ar09nGh
-WA2Eq8aDANjAP1bao/4nmxsFU2zKbTR40Tb7/HKB5jaItYdkz6ppnxQDLTWe7T6+
-nGZwqmYtbQ==
------END CERTIFICATE-----

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/var/opt/nevisauth/default/conf/LitDict.properties

@@ -1,80 +0,0 @@
-
-accept.button.label=Accept
-cancel.button.label=Cancel
-continue.button.label=Continue
-deputy.profile.label=(Deputy Profile)
-error.saml.failed=Please close your browser and try again.
-error_1=Please check your input.
-error_10=Please select the correct user account.
-error_100=Certificate upload not possible. Certificate already exists. Please contact your helpdesk.
-error_101=The entered email address is not valid.
-error_11=Please use another certficate or login with another credential type.
-error_2=Please select another login name.
-error_3=Your account will be locked if next authentication fails.
-error_4=Your new password does not comply with the security policy. Please choose a different password.
-error_5=Error in password confirmation.
-error_50=The new password is too short.
-error_55=The new password has to differ from old passwords.
-error_6=Password change required.
-error_7=Change of login ID required.
-error_8=Your account has been locked due to repeated authentication failures.
-error_81=No access card found, access from internet denied.
-error_83=Your access card is no longer valid. Please contact your advisor to get a new access card.
-error_9=Session take over failed.
-error_97=You are not authorized to access this resource.
-error_98=Your account has been locked.
-error_99=System problems. Please try later.
-info.logout.confirmation=Please confirm that you want to log out.
-info.logout.reminder=Your session on this application has expired. Try again with a login.
-info.oauth.consent=Do you want to authorise this application to access your data?
-info.timeout.page=Your session on this application has expired. Try again with a login.
-login.button.label=Login
-logout.label=Logout
-logout.text=You have successfully logged out.
-method.certificate.label=Certificate
-method.fido.label=Mobile Authentication
-method.fido2.label=FIDO 2
-method.mtan.label=mTAN Code
-method.oath.label=OATH Authenticator App
-method.otp.label=OTP (One-Time Password)
-method.recovery.label=Recovery Codes
-method.safeword.label=SafeWord
-method.securid.label=SecurID
-method.ticket.label=Ticket
-outarg.lastLogin.never=Never
-policyFailure.dictionary=▪ must not be taken from a dictionary.
-policyFailure.history.History=▪ must be different from previously selected passwords.
-policyFailure.regex.control=▪ cannot contain more than {0} control characters.
-policyFailure.regex.lower=▪ must contain at least {0} lower case characters.
-policyFailure.regex.maxCharacterRepetitions=▪ characters must not occur more than {0} time(s) consecutively.
-policyFailure.regex.maxLength=▪ must be at most {0} characters long.
-policyFailure.regex.minLength=▪ must be at least {0} characters long.
-policyFailure.regex.nonAlnum=▪ must contain at least {0} non-alphanumeric characters.
-policyFailure.regex.nonAscii=▪ cannot contain more than {0} non-ASCII characters.
-policyFailure.regex.nonGraph=▪ cannot contain more than {0} non-printable characters.
-policyFailure.regex.nonLetter=▪ must contain at least {0} non-letter characters.
-policyFailure.regex.numeric=▪ must contain at least {0} numeric characters.
-policyFailure.regex.upper=▪ must contain at least {0} upper case characters.
-policyInfo.dictionary=▪ must not be taken from a dictionary.
-policyInfo.history.History=▪ must be different from previously selected passwords.
-policyInfo.regex.control=▪ cannot contain more than {0} control characters.
-policyInfo.regex.lower=▪ must contain at least {0} lower case characters.
-policyInfo.regex.maxCharacterRepetitions=▪ characters must not occur more than {0} time(s) consecutively.
-policyInfo.regex.maxLength=▪ must be at most {0} characters long.
-policyInfo.regex.minLength=▪ must be at least {0} characters long.
-policyInfo.regex.nonAlnum=▪ must contain at least {0} non-alphanumeric characters.
-policyInfo.regex.nonAscii=▪ cannot contain more than {0} non-ASCII characters.
-policyInfo.regex.nonGraph=▪ cannot contain more than {0} non-printable characters.
-policyInfo.regex.nonLetter=▪ must contain at least {0} non-letter characters.
-policyInfo.regex.numeric=▪ must contain at least {0} numeric characters.
-policyInfo.regex.upper=▪ must contain at least {0} upper case characters.
-policyInfo.title=The password has to comply with the following password policy:
-reject.button.label=Deny
-submit.button.label=Submit
-tan.sent=Please enter the security code which has been sent to your mobile phone.
-title.logout=Logout
-title.logout.confirmation=Logout
-title.logout.reminder=Logout
-title.oauth.consent=Client Authorization
-title.saml.failed=Error
-title.timeout.page=Logout

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/var/opt/nevisauth/default/conf/LitDict_de.properties

@@ -1,80 +0,0 @@
-
-accept.button.label=Akzeptieren
-cancel.button.label=Abbrechen
-continue.button.label=Weiter
-deputy.profile.label=(Profil Stellvertreter)
-error.saml.failed=Bitte schliessen Sie Ihren Browser und versuchen Sie es erneut.
-error_1=Bitte überprüfen Sie Ihre Eingabe.
-error_10=Bitte wählen Sie den gewünschten Benutzer.
-error_100=Zertifikat-Upload nicht möglich. Zertifikat bereits vorhanden. Bitte kontaktieren Sie Ihren Helpdesk.
-error_101=Die angegebene E-Mail Adresse ist ungültig.
-error_11=Bitte verwenden Sie ein anderes Zertifikat oder ein alternatives Authentisierungsmittel.
-error_2=Bitte wählen Sie einen anderen Login-Namen. 
-error_3=Falls Ihr nächster Login fehlschlägt, wird Ihr Konto gesperrt.
-error_4=Ihr neues Passwort wurde nicht akzeptiert. Bitte wählen Sie eines, das den Passwortvorgaben entspricht.
-error_5=Die Eingabe zur Bestätigung des Passwortes ist falsch.
-error_50=Das neue Passwort ist zu kurz.
-error_55=Das neue Passwort muss sich von alten Passwörtern unterscheiden.
-error_6=Passwortwechsel erforderlich.
-error_7=Wechsel der Login-ID erforderlich.
-error_8=Ihr Konto wurde infolge wiederholt fehlgeschlagener Authentisierung gesperrt.
-error_81=Keine Rasterkarte gefunden, Zugang vom Internet verweigert.
-error_83=Ihre Rasterkarte ist aufgebraucht. Bitte kontaktieren Sie Ihren Berater, um eine neue zu erhalten.
-error_9=Die SSO-Session konnte nicht übernommen werden.
-error_97=Sie verfügen nicht über die für den Zugriff auf diese Ressource benötigte Berechtigung.
-error_98=Ihr Konto ist gesperrt.
-error_99=Systemfehler. Bitte versuchen Sie es später.
-info.logout.confirmation=Bitte bestätigen Sie, dass Sie sich abmelden möchten.
-info.logout.reminder=Ihre Session ist auf dieser Applikation abgelaufen. Versuchen Sie es nochmals mit einem Login.
-info.oauth.consent=Wollen Sie der Anwendung den Zugriff erlauben?
-info.timeout.page=Ihre Session ist auf dieser Applikation abgelaufen. Versuchen Sie es nochmals mit einem Login.
-login.button.label=Login
-logout.label=Logout
-logout.text=Sie haben sich erfolgreich abgemeldet.
-method.certificate.label=Zertifikat
-method.fido.label=Mobile Authentication
-method.fido2.label=FIDO 2
-method.mtan.label=mTAN-Code
-method.oath.label=OATH Authenticator-App
-method.otp.label=OTP (One-Time Passwort)
-method.recovery.label=Wiederherstellungscodes
-method.safeword.label=SafeWord
-method.securid.label=SecurID
-method.ticket.label=Ticket
-outarg.lastLogin.never=Nie
-policyFailure.dictionary=▪ darf nicht aus einem Wörterbuch stammen.
-policyFailure.history.History=▪ muss sich von vorhergehenden Passwörtern unterscheiden.
-policyFailure.regex.control=▪ darf höchstens {0} Kontrollzeichen enthalten.
-policyFailure.regex.lower=▪ muss {0} Kleinbuchstaben enthalten.
-policyFailure.regex.maxCharacterRepetitions=▪ darf nicht eine Sequenz länger als {0} des gleichen Zeichens enthalten.
-policyFailure.regex.maxLength=Länge des Passwortes darf höchstens {0} sein.
-policyFailure.regex.minLength=Länge des Passwortes muss mindestens {0} sein.
-policyFailure.regex.nonAlnum=▪ muss {0} nicht-alphanumerische Zeichen enthalten.
-policyFailure.regex.nonAscii=▪ darf höchstens {0} Zeichen ausserhalb des ASCII-Zeichensatzes enthalten.
-policyFailure.regex.nonGraph=▪ darf höchstens {0} nicht-druckende Zeichen enthalten.
-policyFailure.regex.nonLetter=▪ muss {0} Zeichen enthalten, die keine Buchstaben sind.
-policyFailure.regex.numeric=▪ muss {0} numerische Zeichen enthalten.
-policyFailure.regex.upper=▪ muss {0} Grossbuchstaben enthalten.
-policyInfo.dictionary=▪ darf nicht aus einem Wörterbuch stammen.
-policyInfo.history.History=▪ darf keines der zuletzt verwendeten Passwörtern sein.
-policyInfo.regex.control=▪ darf höchstens {0} Kontrollzeichen enthalten.
-policyInfo.regex.lower=▪ muss mindestens {0} Kleinbuchstaben enthalten.
-policyInfo.regex.maxCharacterRepetitions=▪ darf nicht eine Sequenz länger als {0} des gleichen Zeichens enthalten.
-policyInfo.regex.maxLength=▪ darf höchstens {0} Zeichen enthalten.
-policyInfo.regex.minLength=▪ muss mindestens {0} Zeichen enthalten.
-policyInfo.regex.nonAlnum=▪ muss mindestens {0} Zeichen enthalten, die nicht Alphanumerisch sind.
-policyInfo.regex.nonAscii=▪ darf höchstens {0} Zeichen ausserhalb des ASCII-Zeichensatzes enthalten.
-policyInfo.regex.nonGraph=▪ darf höchstens {0} nicht-druckende Zeichen enthalten.
-policyInfo.regex.nonLetter=▪ muss mindestens {0} Zeichen enthalten, die keine Buchstaben sind.
-policyInfo.regex.numeric=▪ muss mindestens {0} numerische Zeichen enthalten.
-policyInfo.regex.upper=▪ muss mindestens {0} Grossbuchstaben enthalten.
-policyInfo.title=Das Passwort muss den folgenden Passwort-Richtlinien entsprechen:
-reject.button.label=Ablehnen
-submit.button.label=Senden
-tan.sent=Bitte erfassen Sie den Sicherheitscode, welcher an Ihr Mobiltelefon gesendet wurde.
-title.logout=Logout
-title.logout.confirmation=Logout
-title.logout.reminder=Logout
-title.oauth.consent=Client Authorisierung
-title.saml.failed=Error
-title.timeout.page=Logout

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/var/opt/nevisauth/default/conf/LitDict_en.properties

@@ -1,80 +0,0 @@
-
-accept.button.label=Accept
-cancel.button.label=Cancel
-continue.button.label=Continue
-deputy.profile.label=(Deputy Profile)
-error.saml.failed=Please close your browser and try again.
-error_1=Please check your input.
-error_10=Please select the correct user account.
-error_100=Certificate upload not possible. Certificate already exists. Please contact your helpdesk.
-error_101=The entered email address is not valid.
-error_11=Please use another certficate or login with another credential type.
-error_2=Please select another login name.
-error_3=Your account will be locked if next authentication fails.
-error_4=Your new password does not comply with the security policy. Please choose a different password.
-error_5=Error in password confirmation.
-error_50=The new password is too short.
-error_55=The new password has to differ from old passwords.
-error_6=Password change required.
-error_7=Change of login ID required.
-error_8=Your account has been locked due to repeated authentication failures.
-error_81=No access card found, access from internet denied.
-error_83=Your access card is no longer valid. Please contact your advisor to get a new access card.
-error_9=Session take over failed.
-error_97=You are not authorized to access this resource.
-error_98=Your account has been locked.
-error_99=System problems. Please try later.
-info.logout.confirmation=Please confirm that you want to log out.
-info.logout.reminder=Your session on this application has expired. Try again with a login.
-info.oauth.consent=Do you want to authorise this application to access your data?
-info.timeout.page=Your session on this application has expired. Try again with a login.
-login.button.label=Login
-logout.label=Logout
-logout.text=You have successfully logged out.
-method.certificate.label=Certificate
-method.fido.label=Mobile Authentication
-method.fido2.label=FIDO 2
-method.mtan.label=mTAN Code
-method.oath.label=OATH Authenticator App
-method.otp.label=OTP (One-Time Password)
-method.recovery.label=Recovery Codes
-method.safeword.label=SafeWord
-method.securid.label=SecurID
-method.ticket.label=Ticket
-outarg.lastLogin.never=Never
-policyFailure.dictionary=▪ must not be taken from a dictionary.
-policyFailure.history.History=▪ must be different from previously selected passwords.
-policyFailure.regex.control=▪ cannot contain more than {0} control characters.
-policyFailure.regex.lower=▪ must contain at least {0} lower case characters.
-policyFailure.regex.maxCharacterRepetitions=▪ characters must not occur more than {0} time(s) consecutively.
-policyFailure.regex.maxLength=▪ must be at most {0} characters long.
-policyFailure.regex.minLength=▪ must be at least {0} characters long.
-policyFailure.regex.nonAlnum=▪ must contain at least {0} non-alphanumeric characters.
-policyFailure.regex.nonAscii=▪ cannot contain more than {0} non-ASCII characters.
-policyFailure.regex.nonGraph=▪ cannot contain more than {0} non-printable characters.
-policyFailure.regex.nonLetter=▪ must contain at least {0} non-letter characters.
-policyFailure.regex.numeric=▪ must contain at least {0} numeric characters.
-policyFailure.regex.upper=▪ must contain at least {0} upper case characters.
-policyInfo.dictionary=▪ must not be taken from a dictionary.
-policyInfo.history.History=▪ must be different from previously selected passwords.
-policyInfo.regex.control=▪ cannot contain more than {0} control characters.
-policyInfo.regex.lower=▪ must contain at least {0} lower case characters.
-policyInfo.regex.maxCharacterRepetitions=▪ characters must not occur more than {0} time(s) consecutively.
-policyInfo.regex.maxLength=▪ must be at most {0} characters long.
-policyInfo.regex.minLength=▪ must be at least {0} characters long.
-policyInfo.regex.nonAlnum=▪ must contain at least {0} non-alphanumeric characters.
-policyInfo.regex.nonAscii=▪ cannot contain more than {0} non-ASCII characters.
-policyInfo.regex.nonGraph=▪ cannot contain more than {0} non-printable characters.
-policyInfo.regex.nonLetter=▪ must contain at least {0} non-letter characters.
-policyInfo.regex.numeric=▪ must contain at least {0} numeric characters.
-policyInfo.regex.upper=▪ must contain at least {0} upper case characters.
-policyInfo.title=The password has to comply with the following password policy:
-reject.button.label=Deny
-submit.button.label=Submit
-tan.sent=Please enter the security code which has been sent to your mobile phone.
-title.logout=Logout
-title.logout.confirmation=Logout
-title.logout.reminder=Logout
-title.oauth.consent=Client Authorization
-title.saml.failed=Error
-title.timeout.page=Logout

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/var/opt/nevisauth/default/conf/LitDict_fr.properties

@@ -1,80 +0,0 @@
-
-accept.button.label=Accepter
-cancel.button.label=Abandonner
-continue.button.label=Continuer
-deputy.profile.label=(Profil du suppléant)
-error.saml.failed=Fermez votre navigateur et r;eacute;essayez.
-error_1=Veuillez vérifier vos données, s.v.p.
-error_10=Choisissez votre compte.
-error_100=Téléchargement du certificat pas possible. Certificat existe déjà. Veuillez contacter le helpdesk s.v.p.
-error_101=L'adresse e-mail é n'est pas valide.
-error_11=Choisissez un autre certificat, s.v.p.
-error_2=Choisissez un autre nom, s.v.p.
-error_3=Si l'authentification ne réussit pas au prochain essai, votre compte sera bloqué.
-error_4=Votre nouveau mot de passe ne conforme pas aux mesures de sécurité
-error_5=Votre confirmation du mot de passe ne correspond pas au mot de passe donné.
-error_50=Le nouveau mot de passe est trop court.
-error_55=Le nouveau mot de passe doit différer de l'ancien.
-error_6=Veuillez changer votre mot de passe, s.v.p.
-error_7=Veuillez changer votre login ID, s.v.p.
-error_8=Votre compte n'est pas active.
-error_81=Pas d'access card trouvé, l'accès par l'internet est refusé.
-error_83=Votre access card n'est plus valable, veuillez contacter votre gestionnaire.
-error_9=Il n'est pas possible de transmettre la session.
-error_97=Vous n'avez pas les autorisations nécessaires pour accéder à cette ressource.
-error_98=Votre compte a été bloqué.
-error_99=Problème technique. Veuillez essayer plus tard, s.v.p.
-info.logout.confirmation=Veuillez confirmer que vous souhaitez vous déconnecter.
-info.logout.reminder=Votre session sur cette application a expirée. Essayez encore avec un login.
-info.oauth.consent=Voulez-vous autoriser l'application?
-info.timeout.page=Votre session sur cette application a expirée. Essayez encore avec un login.
-login.button.label=Login
-logout.label=Logout
-logout.text=Au revoir
-method.certificate.label=Certificat
-method.fido.label=Mobile Authentication
-method.fido2.label=FIDO 2
-method.mtan.label=Code mTAN
-method.oath.label=Application d'authentification OATH
-method.otp.label=OTP (One-Time Password)
-method.recovery.label=Codes de récupération
-method.safeword.label=SafeWord
-method.securid.label=SecurID
-method.ticket.label=Ticket
-outarg.lastLogin.never=Jamais
-policyFailure.dictionary=▪ ne peut pas être pris d'un dictionnaire.
-policyFailure.history.History=▪ doit être différent des mots de passe préalablement sélectionnés.
-policyFailure.regex.control=▪ ne peut contenir plus de {0} caractères de commande.
-policyFailure.regex.lower=▪ doit contenir au moins {0} caractère(s) minuscule(s).
-policyFailure.regex.maxCharacterRepetitions=▪ ne peut contenir une séquence de plus de {0} du même caractère.
-policyFailure.regex.maxLength=La longueur doit être d'au plus {0}.
-policyFailure.regex.minLength=La longueur doit être d'au moins {0}.
-policyFailure.regex.nonAlnum=▪ doit contenir au moins  {0} caractères non alphanumériques.
-policyFailure.regex.nonAscii=▪ ne peut contenir plus de {0} caractères non ASCII ({1}).
-policyFailure.regex.nonGraph=▪ ne peut contenir plus de {0} caractères non imprimables ({1}).
-policyFailure.regex.nonLetter=▪ doit contenir au moins {0} caractères qui ne sont pas des lettres.
-policyFailure.regex.numeric=▪ doit comprendre {0} caractères numériques.
-policyFailure.regex.upper=▪ doit contenir au moins {0} caractère(s) majuscule(s).
-policyInfo.dictionary=▪ ne peut pas être pris d'un dictionnaire.
-policyInfo.history.History=▪ ne peut pas être l' précédemment choisis.
-policyInfo.regex.control=▪ ne peut contenir plus de {0} caractères de commande.
-policyInfo.regex.lower=▪ doit contenir au moins {0} caractère(s) minuscule(s).
-policyInfo.regex.maxCharacterRepetitions=▪ ne peut contenir une séquence de plus de {0} du même caractère.
-policyInfo.regex.maxLength=▪ la longueur doit être d'au plus {0}.
-policyInfo.regex.minLength=▪ la longueur doit être d'au moins {0}.
-policyInfo.regex.nonAlnum=▪ doit contenir au moins  {0} caractères non alphanumériques.
-policyInfo.regex.nonAscii=▪ ne peut contenir plus de {0} caractères non ASCII.
-policyInfo.regex.nonGraph=▪ ne peut contenir plus de {0} caractères non imprimables.
-policyInfo.regex.nonLetter=▪ doit contenir au moins {0} caractères qui ne sont pas des lettres.
-policyInfo.regex.numeric=▪ doit comprendre au minimum {0} caractères numériques.
-policyInfo.regex.upper=▪ doit contenir au moins {0} caractère(s) majuscule(s).
-policyInfo.title=Le mot de passe doit respecter les règles suivantes:
-reject.button.label=Refuser
-submit.button.label=Envoyer
-tan.sent=Veuillez saisir le code de sécurité que vous avez reçu au votre téléphone mobile.
-title.logout=Logout
-title.logout.confirmation=Logout
-title.logout.reminder=Logout
-title.oauth.consent=Autorisation du client
-title.saml.failed=Error
-title.timeout.page=Logout

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/var/opt/nevisauth/default/conf/LitDict_it.properties

@@ -1,80 +0,0 @@
-
-accept.button.label=Accettare
-cancel.button.label=Abortire
-continue.button.label=Continua
-deputy.profile.label=(profilo del delegato)
-error.saml.failed=Chiudi il browser e riprova.
-error_1=Verificare i dati immessi.
-error_10=Per favore selezionare il conto utente corretto.
-error_100=Impossibile caricare il certificato. Questo certificato esiste già. La preghiamo di contattare il Suo help desk.
-error_101=L'indirizzo e-mail inserito non è valido.
-error_11=Scegliere un altro certificato.
-error_2=Per favore scegliere un altro nome.
-error_3=Il conto verrà bloccato se il prossimo login non andrà a buon fine.
-error_4=La nuova password non è stata accettata. Scegliere una password che sia conforme ai criteri di password.
-error_5=La conferma della password è errata.
-error_50=La nuova password è troppo corta.
-error_55=La nuova password deve essere diversa dalla vecchia.
-error_6=È necessario modificare la password.
-error_7=Set up inizale dell'account per il portale necessario.
-error_8=L'account è stato bloccato. Rivolgersi al servizio assistenza oppure provare con un altro strumento di autenticazione.
-error_81=Nessuna carta di accesso trovata, accesso da internet rifiutato.
-error_83=La sua carta di accesso non è più valida. Per favore contatti il suo assistente per ricevere una nuova carta di accesso.
-error_9=La sessione non può essere ripresa.
-error_97=Non si dispone delle autorizzazioni necessarie per accedere a questa risorsa.
-error_98=L'account è stato bloccato.
-error_99=Errore di sistema. Riprovare.
-info.logout.confirmation=Si prega di confermare che si desidera disconnettersi.
-info.logout.reminder=La sessione su questa applicazione è scaduta. Prova ancora con un login.
-info.oauth.consent=Vuoi consentire all'applicazione?
-info.timeout.page=La sessione su questa applicazione è scaduta. Prova ancora con un login.
-login.button.label=Login
-logout.label=Logout
-logout.text=È uscito con successo.
-method.certificate.label=Certificato
-method.fido.label=Mobile Authentication
-method.fido2.label=FIDO 2
-method.mtan.label=Codice mTAN
-method.oath.label=App di autenticazione OATH
-method.otp.label=OTP (One-Time Password)
-method.recovery.label=Codici di ripristino
-method.safeword.label=SafeWord
-method.securid.label=SecurID
-method.ticket.label=Ticket
-outarg.lastLogin.never=Mai
-policyFailure.dictionary=▪ non può essere presa da un dizionario.
-policyFailure.history.History=▪ deve essere diversa da password precedenti.
-policyFailure.regex.control=▪ non può contenere più di {0} caratteri di controllo.
-policyFailure.regex.lower=▪ deve conenere almeno {0} caratteri minuscoli.
-policyFailure.regex.maxCharacterRepetitions=▪ non può contentere una sequenza più lunga di {0} caratteri uguali.
-policyFailure.regex.maxLength=▪ deve contenere al massimo {0} caratteri.
-policyFailure.regex.minLength=▪ deve contenere almeno {0} caratteri.
-policyFailure.regex.nonAlnum=▪ deve conenere almeno {0} caratteri non alfanumerici.
-policyFailure.regex.nonAscii=▪ non può contenere più di {0} caratteri non ASCII.
-policyFailure.regex.nonGraph=▪ non può contenere più di {0} caratteri non stampabili.
-policyFailure.regex.nonLetter=▪ non può contenere più di {0} numeri o caratteri speciali.
-policyFailure.regex.numeric=▪ deve contenere {0} caratteri numerici.
-policyFailure.regex.upper=▪ deve conenere almeno {0} caratteri maiuscoli.
-policyInfo.dictionary=▪ non può essere presa da un dizionario.
-policyInfo.history.History=▪ deve essere diversa dalle password precedenti.
-policyInfo.regex.control=▪ non può contenere più di {0} carattere/i di controllo.
-policyInfo.regex.lower=▪ deve conenere almeno {0} carattere/i minuscolo/i.
-policyInfo.regex.maxCharacterRepetitions=▪ non può contentere una sequenza più lunga di {0} caratteri uguali.
-policyInfo.regex.maxLength=▪ deve contenere al massimo {0} carattere/i.
-policyInfo.regex.minLength=▪ deve contenere almeno {0} carattere/i.
-policyInfo.regex.nonAlnum=▪ deve conenere almeno {0} carattere/i non alfanumerico/i.
-policyInfo.regex.nonAscii=▪ non può contenere più di {0} carattere/i non ASCII.
-policyInfo.regex.nonGraph=▪ non può contenere più di {0} carattere/i non stampabile/i.
-policyInfo.regex.nonLetter=▪ non può contenere più di {0} numero/i o caratere/i speciale/i.
-policyInfo.regex.numeric=▪ deve contenere un minimo di {0} carattere/i numerico/i.
-policyInfo.regex.upper=▪ deve conenere almeno {0} carattere/i maiuscolo/i.
-policyInfo.title=La password deve rispettare le seguenti direttive:
-reject.button.label=Rifiuti
-submit.button.label=Continua
-tan.sent=Inserisci il codice di sicurezza che è stato inviato al tuo telefono cellulare.
-title.logout=Logout
-title.logout.confirmation=Logout
-title.logout.reminder=Logout
-title.oauth.consent=Autorizzazione del client
-title.saml.failed=Error
-title.timeout.page=Logout

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/var/opt/nevisauth/default/conf/bc.properties

@@ -1 +0,0 @@
-bc.tracer.TraceIndentFactory=ch.nevis.bc.io.Log4jTraceIndentFactory

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/var/opt/nevisauth/default/conf/env.conf

@@ -1,19 +0,0 @@
-RTENV_SECURITY_CHECK=no_shell
-
-JAVA_OPTS=(
-    "-XX:+UseContainerSupport"
-    "-Dfile.encoding=UTF-8"
-    "-XX:MaxRAMPercentage=80.0"
-    "-Djava.net.preferIPv4Stack=true"
-    "-Djava.net.connectionTimeout=10000"
-    "-Djava.net.readTimeout=15000"
-    "-Dch.nevis.esauth.config=/var/opt/nevisauth/default/conf/esauth4.xml"
-    "-Djava.awt.headless=true"
-    "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
-    "-Dotel.javaagent.logging=application"
-    "-Dotel.javaagent.configuration-file=/var/opt/nevisauth/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2405.2,service.instance.id=$HOSTNAME"
-    "-Djavax.net.ssl.trustStore=/var/opt/keys/trust/tls-swissid/truststore.p12"
-    "-Djavax.net.ssl.trustStorePassword=\${exec:/var/opt/keys/trust/tls-swissid/keypass}"
-)
-

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/var/opt/nevisauth/default/conf/esauth4.security

@@ -1,2 +0,0 @@
-# this file is generated by nevisAdmin 4
-security.provider.10=org.bouncycastle.jce.provider.BouncyCastleProvider

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/var/opt/nevisauth/default/conf/esauth4.xml

@@ -1,151 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE esauth-server SYSTEM "/opt/nevisauth/dtd/esauth4.dtd">
-<esauth-server instance="nai2">
-    <!-- source: pattern://5a02ce1399ca42298422a320, pattern://8523f0587aa8cfa7008f8171 -->
-    <SessionCoordinator sessionInitialInactivityTimeout="600" sessionInactivityTimeout="28800" sessionMaxLifetime="28800" sessionIdPreGenerate="true">
-        <!-- source: pattern://5a02ce1399ca42298422a320 -->
-        <LocalSessionStore maxSessions="100000"/>
-        <!-- source: pattern://5a02ce1399ca42298422a320 -->
-        <TokenAssembler name="DefaultTokenAssembler">
-            <Selector default="true"/>
-            <!-- source: pattern://8523f0587aa8cfa7008f8171 -->
-            <TokenSpec ttl="28800">
-                <!-- source: pattern://5a02ce1399ca42298422a320 -->
-                <field src="session" key="ch.nevis.session.sessid" as="sessid"/>
-                <!-- source: pattern://5a02ce1399ca42298422a320 -->
-                <field src="session" key="ch.nevis.session.userid" as="userid"/>
-                <!-- source: pattern://5a02ce1399ca42298422a320 -->
-                <field src="session" key="ch.nevis.session.authlevel" as="authLevel"/>
-                <!-- source: pattern://5a02ce1399ca42298422a320 -->
-                <field src="session" key="ch.nevis.session.esauthid" as="esauthid"/>
-                <!-- source: pattern://5a02ce1399ca42298422a320 -->
-                <field src="session" key="ch.nevis.session.entryid" as="entryid"/>
-                <!-- source: pattern://5a02ce1399ca42298422a320 -->
-                <field src="session" key="ch.nevis.session.loginid" as="loginId"/>
-                <!-- source: pattern://5a02ce1399ca42298422a320 -->
-                <field src="session" key="ch.nevis.session.domain" as="domain"/>
-                <!-- source: pattern://5a02ce1399ca42298422a320 -->
-                <field src="session" key="ch.nevis.session.secroles" as="roles"/>
-            </TokenSpec>
-            <!-- source: pattern://5a02ce1399ca42298422a320 -->
-            <Signer key="DefaultSigner"/>
-        </TokenAssembler>
-        <!-- source: pattern://5a02ce1399ca42298422a320 -->
-        <KeyStore name="DefaultKeyStore">
-            <!-- source: pattern://5a02ce1399ca42298422a320 -->
-            <KeyObject name="DefaultSigner" certificate="/var/opt/keys/own/nai2-sh4r3d-default-default-signer/cert.pem" privateKey="/var/opt/keys/own/nai2-sh4r3d-default-default-signer/keystore.jks" passPhrase="pipe:///var/opt/keys/own/nai2-sh4r3d-default-default-signer/keypass"/>
-            <!-- source: pattern://5a02ce1399ca42298422a320 -->
-            <KeyObject name="DefaultSignerTrust" certificate="/var/opt/keys/trust/nai2-default-default-signer-trust/truststore.jks"/>
-        </KeyStore>
-    </SessionCoordinator>
-    <!-- source: pattern://5a02ce1399ca42298422a320 -->
-    <LocalOutOfContextDataStore reaperPeriod="60"/>
-    <!-- source: pattern://5a02ce1399ca42298422a320, pattern://8523f0587aa8cfa7008f8171 -->
-    <AuthEngine useLiteralDictionary="true" literalDictionaryLanguages="en,de,fr,it" inputLanguageCookie="LANG" compatLevel="none" addAutheLevelToSecRoles="true" classPath="/var/opt/nevisauth/default/plugin:/opt/nevisauth/plugin" propagateSession="false">
-        <!-- source: pattern://8523f0587aa8cfa7008f8171 -->
-        <Domain name="MockRelam" default="false" inactiveInterval="7200" reauthInterval="0" resetAuthenticationCondition="${inargs:cancel}">
-            <Entry method="authenticate" state="MockRelam_DispatchMockRequests"/>
-            <Entry method="stepup" state="MockRelam_Selector"/>
-        </Domain>
-        <AuthState name="MockRelam_DispatchMockRequests" class="ch.nevis.esauth.auth.states.standard.ConditionalDispatcherState" final="false">
-            <!-- source: pattern://1641a38402138546573b7e71 -->
-            <ResultCond name="jwk" next="MockRelam_jwkMock"/>
-            <!-- source: pattern://1641a38402138546573b7e71 -->
-            <ResultCond name="metadata" next="MockRelam_MetadataMock"/>
-            <!-- source: pattern://1641a38402138546573b7e71 -->
-            <ResultCond name="nomatch" next="MockRelam_KlpApiMock"/>
-            <!-- source: pattern://1641a38402138546573b7e71 -->
-            <ResultCond name="wellknown" next="MockRelam_wellKownMock"/>
-            <!-- source: pattern://1641a38402138546573b7e71 -->
-            <Response value="AUTH_ERROR">
-                <!-- source: pattern://1641a38402138546573b7e71 -->
-                <Arg name="ch.nevis.isiweb4.response.status" value="403"/>
-            </Response>
-            <!-- source: pattern://1641a38402138546573b7e71 -->
-            <property name="condition:jwk" value="${request:currentResource:/jwk:true}"/>
-            <!-- source: pattern://1641a38402138546573b7e71 -->
-            <property name="condition:metadata" value="${request:currentResource:/metadata:true}"/>
-            <!-- source: pattern://1641a38402138546573b7e71 -->
-            <property name="condition:wellknown" value="${request:currentResource:/.well-known:true}"/>
-        </AuthState>
-        <AuthState name="MockRelam_jwkMock" class="ch.nevis.esauth.auth.states.directResponse.DirectResponseState" final="true" resumeState="false">
-            <!-- source: pattern://02267b7a9895eef024fd806b -->
-            <Response value="AUTH_ERROR">
-                <!-- source: pattern://02267b7a9895eef024fd806b -->
-                <Gui name="none"/>
-            </Response>
-            <!-- source: pattern://02267b7a9895eef024fd806b -->
-            <property name="content" value="file:///var/opt/nevisauth/default/conf/mockrelam_jwkmock.json"/>
-            <!-- source: pattern://02267b7a9895eef024fd806b -->
-            <property name="contentType" value="application/json"/>
-            <!-- source: pattern://02267b7a9895eef024fd806b -->
-            <property name="statusCode" value="200"/>
-        </AuthState>
-        <AuthState name="MockRelam_MetadataMock" class="ch.nevis.esauth.auth.states.directResponse.DirectResponseState" final="true" resumeState="false">
-            <!-- source: pattern://0600a4bbdea68c3aaa2fd10f -->
-            <Response value="AUTH_ERROR">
-                <!-- source: pattern://0600a4bbdea68c3aaa2fd10f -->
-                <Gui name="none"/>
-            </Response>
-            <!-- source: pattern://0600a4bbdea68c3aaa2fd10f -->
-            <property name="content" value="file:///var/opt/nevisauth/default/conf/mockrelam_metadatamock.json"/>
-            <!-- source: pattern://0600a4bbdea68c3aaa2fd10f -->
-            <property name="contentType" value="application/json"/>
-            <!-- source: pattern://0600a4bbdea68c3aaa2fd10f -->
-            <property name="statusCode" value="200"/>
-        </AuthState>
-        <AuthState name="MockRelam_KlpApiMock" class="ch.nevis.esauth.auth.states.directResponse.DirectResponseState" final="true" resumeState="false">
-            <!-- source: pattern://3f7b857b6d35114fcd8c4984 -->
-            <Response value="AUTH_ERROR">
-                <!-- source: pattern://3f7b857b6d35114fcd8c4984 -->
-                <Gui name="none"/>
-            </Response>
-            <!-- source: pattern://3f7b857b6d35114fcd8c4984 -->
-            <property name="content" value="file:///var/opt/nevisauth/default/conf/mockrelam_klpapimock.json"/>
-            <!-- source: pattern://3f7b857b6d35114fcd8c4984 -->
-            <property name="contentType" value="application/json"/>
-            <!-- source: pattern://3f7b857b6d35114fcd8c4984 -->
-            <property name="statusCode" value="200"/>
-        </AuthState>
-        <AuthState name="MockRelam_wellKownMock" class="ch.nevis.esauth.auth.states.directResponse.DirectResponseState" final="true" resumeState="false">
-            <!-- source: pattern://1a11a59ad08eccffa1addc6a -->
-            <Response value="AUTH_ERROR">
-                <!-- source: pattern://1a11a59ad08eccffa1addc6a -->
-                <Gui name="none"/>
-            </Response>
-            <!-- source: pattern://1a11a59ad08eccffa1addc6a -->
-            <property name="content" value="file:///var/opt/nevisauth/default/conf/mockrelam_wellkownmock.json"/>
-            <!-- source: pattern://1a11a59ad08eccffa1addc6a -->
-            <property name="contentType" value="application/json"/>
-            <!-- source: pattern://1a11a59ad08eccffa1addc6a -->
-            <property name="statusCode" value="200"/>
-        </AuthState>
-        <AuthState name="MockRelam_Selector" class="ch.nevis.esauth.auth.states.standard.ConditionalDispatcherState" final="false">
-            <!-- source: pattern://8523f0587aa8cfa7008f8171 -->
-            <ResultCond name="nomatch" next="MockRelam_Prepare_Done"/>
-            <!-- source: pattern://8523f0587aa8cfa7008f8171 -->
-            <Response value="AUTH_ERROR">
-                <!-- source: pattern://8523f0587aa8cfa7008f8171 -->
-                <Arg name="ch.nevis.isiweb4.response.status" value="403"/>
-            </Response>
-        </AuthState>
-        <AuthState name="MockRelam_Prepare_Done" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
-            <!-- source: pattern://8523f0587aa8cfa7008f8171 -->
-            <ResultCond name="default" next="MockRelam_Auth_Done"/>
-            <!-- source: pattern://8523f0587aa8cfa7008f8171 -->
-            <Response value="AUTH_DONE">
-                <!-- source: pattern://8523f0587aa8cfa7008f8171 -->
-                <Gui name="ContinueResponse"/>
-            </Response>
-            <!-- source: pattern://8523f0587aa8cfa7008f8171 -->
-            <property name="script" value="file:///var/opt/nevisauth/default/conf/prepare_done.groovy"/>
-        </AuthState>
-        <AuthState name="MockRelam_Auth_Done" class="ch.nevis.esauth.auth.states.standard.AuthDone" final="false">
-            <!-- source: pattern://8523f0587aa8cfa7008f8171 -->
-            <Response value="AUTH_DONE">
-                <!-- source: pattern://8523f0587aa8cfa7008f8171 -->
-                <Gui name="ContinueResponse"/>
-            </Response>
-        </AuthState>
-    </AuthEngine>
-</esauth-server>

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/var/opt/nevisauth/default/conf/logging.yml

@@ -1,57 +0,0 @@
-Configuration:
-  monitorInterval: 60
-  Appenders:
-    Console:
-    - name: "SERVER"
-      target: "SYSTEM_OUT"
-      PatternLayout:
-        pattern: "[esauth4sv.log] %d{ISO8601} %-15.15t %mdc{trace_id} %mdc{span_id} %-20.20c %-5.5p %m%n"
-      RegexFilter:
-        regex: ".*GET /nevisauth/liveness.*"
-        onMatch: "DENY"
-        onMismatch: "ACCEPT"
-  Loggers:
-    Logger:
-    - name: "EsAuthStart"
-      level: "INFO"
-    - name: "org.apache.catalina.loader.WebappClassLoader"
-      level: "FATAL"
-    - name: "org.apache.catalina.startup.HostConfig"
-      level: "ERROR"
-    - name: "ch.nevis.esauth.events"
-      level: "FATAL"
-    - name: "AuthEngine"
-      level: "INFO"
-    - name: "HttpClient"
-      level: "TRACE"
-    - name: "OAuth2"
-      level: "DEBUG"
-    - name: "StdStates"
-      level: "DEBUG"
-    - name: "Vars"
-      level: "INFO"
-    - name: "ch.adnovum.cossa.CachingIDTokenVerifier"
-      level: "DEBUG"
-    - name: "ch.adnovum.cossa.CallPolicyVerificationAPI"
-      level: "DEBUG"
-    - name: "ch.adnovum.cossa.IDTokenVerifier"
-      level: "DEBUG"
-    - name: "ch.adnovum.cossa.IdTokenVerification"
-      level: "DEBUG"
-    - name: "ch.adnovum.cossa.KLPScopeToProfileBinding"
-      level: "DEBUG"
-    - name: "ch.adnovum.cossa.SimpleIDTokenValidator"
-      level: "DEBUG"
-    - name: "ch.adnovum.cossa.SimpleIDTokenVerifier"
-      level: "DEBUG"
-    - name: "ch.adnovum.cossa.TokenExchangeEndpoint"
-      level: "DEBUG"
-    - name: "ch.adnovum.cossa.TokenExchangeEndpointRefresh"
-      level: "DEBUG"
-    - name: "ch.adnovum.cossa.TokenGenerator"
-      level: "DEBUG"
-    Root:
-      level: "WARN"
-      additivity: "false"
-      AppenderRef:
-      - ref: "SERVER"

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/var/opt/nevisauth/default/conf/mockrelam_klpapimock.json

@@ -1,20 +0,0 @@
-{
-"application": "fakeapp1_b2b_internal",
-"profiles": [{
-"profileId": "12047881",
-"description": "12047881 - Marco Mojana, Via Pratocarasso 40, 6500 Bellinzona",
-"enabled": true,
-"role": "PB",
-"violatedPolicies": [],
-"currentGtcAccepted": true
-},
-{
-"profileId": "12047882",
-"description": "12047882 - Marco Mojana, Via Pratocarasso 40, 6500 Bellinzona",
-"enabled": true,
-"role": "PB",
-"violatedPolicies": [],
-"currentGtcAccepted": true
-}
-]
-}

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/var/opt/nevisauth/default/conf/mockrelam_metadatamock.json

@@ -1,409 +0,0 @@
-{
-  "Client":[
-    {
-      "id":"Client_69d3027cf5ae36b9e2b18cc9cfd9f0fe",
-      "owner":"andrea",
-      "name":"klp-client",
-      "link":"rest/modules/oauthv2/setups/Setup_b00528a7a0edc1df1a6b95240d704600/entities/Client_69d3027cf5ae36b9e2b18cc9cfd9f0fe",
-      "meta":[
-        {
-          "name":"klp_application1",
-          "value":"fakemobileoauth"
-        },
-        {
-          "name":"tokenExchangeAllowed",
-          "value":"true"
-        }
-      ],
-      "otherAttributes":{
-        "client_name#de":"Fake OpenID de",
-        "client_name#fr":"Fake OpenID fr",
-        "client_name#it":"Fake OpenID it",
-        "client_name":"Fake OpenID en"
-      },
-      "scopes":[
-        {
-          "value":"MONITOR",
-          "resource_id":"ResourceServer_ea7d36ec2adb5857de7dda7cbbbbbbd8",
-          "resource_name":"MONITORING-AGB"
-        },
-        {
-          "value":"address",
-          "resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-          "resource_name":"UserInfo"
-        },
-        {
-          "value":"birthdate",
-          "resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-          "resource_name":"UserInfo"
-        },
-        {
-          "value":"email",
-          "resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-          "resource_name":"UserInfo"
-        },
-        {
-          "value":"name",
-          "resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-          "resource_name":"UserInfo"
-        },
-        {
-          "value":"no_consent_required",
-          "resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-          "resource_name":"UserInfo"
-        },
-        {
-          "value":"offline_access",
-          "resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-          "resource_name":"UserInfo"
-        },
-        {
-          "value":"openid",
-          "resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-          "resource_name":"UserInfo"
-        },
-        {
-          "value":"phone",
-          "resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-          "resource_name":"UserInfo"
-        },
-        {
-          "value":"phone_number",
-          "resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-          "resource_name":"UserInfo"
-        },
-        {
-          "value":"profile",
-          "resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-          "resource_name":"UserInfo"
-        }
-      ],
-      "contacts":[
-        "br, g, o, io"
-      ],
-      "valid_from":"2023-10-04T12:58:16.000Z",
-      "redirect_uris":[
-        "http://vkld02.pnet.ch:7024/obtainingTokens",
-        "https://fakeextint1.post.ch/openid/obtainingTokens"
-      ],
-      "response_types":[
-        "code"
-      ],
-      "grant_types":[
-        "authorization_code",
-        "refresh_token"
-      ],
-      "token_exchange_allowed":true,
-      "client_id":"klp-client",
-      "client_secret":"fake-openid-secret",
-      "client_uri":"https://iam.post.ch",
-      "default_max_age":-1,
-      "confidentiality_type":"confidential",
-      "pkce_mode":"allowed",
-      "require_auth_time":false,
-      "token_endpoint_auth_method":"client_secret_basic",
-      "jwks_uri":"",
-      "logo_uri":"/login/resources/nevislogrend/applications/def/webdata/images/openid_connect.png",
-      "access_token_ttl":30,
-      "id_token_ttl":600,
-      "refresh_token_ttl":86400,
-      "presisted_consent_ttl":31104000,
-      "force_authentication":false,
-      "require_pushed_authorization_requests":false,
-      "id_token_signed_response_alg":"RS256",
-      "id_token_encrypted_response_alg":"none",
-      "id_token_encrypted_response_enc":"none"
-    },
-    {
-        "id":"Client_69d3027cf5ae36b9e2b18cc9cfd9f0fd",
-        "owner":"pippo",
-        "name":"COSSA - Monitoring Client",
-        "link":"rest/modules/oauthv2/setups/Setup_b00528a7a0edc1df1a6b95240d704600/entities/Client_69d3027cf5ae36b9e2b18cc9cfd9f0fd",
-        "meta":[
-          {
-            "name":"klp_application",
-            "value":"cossa"
-          },
-          {
-            "name":"test_monitor_meta",
-            "value":"aaa"
-          },
-          {
-            "name":"Shop_DebiNr",
-            "value":"11111111111"
-          }
-        ],
-        "otherAttributes":{
-          "client_name#de":"Fake OpenID de",
-          "client_name#fr":"Fake OpenID fr",
-          "client_name#it":"Fake OpenID it",
-          "client_name":"Fake OpenID en"
-        },
-        "scopes":[
-          {
-            "value":"MONITOR",
-            "resource_id":"ResourceServer_ea7d36ec2adb5857de7dda7cbbbbbbd8",
-            "resource_name":"MONITORING-AGB"
-          },
-          {
-            "value":"address",
-            "resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-            "resource_name":"UserInfo"
-          },
-          {
-            "value":"birthdate",
-            "resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-            "resource_name":"UserInfo"
-          },
-          {
-            "value":"email",
-            "resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-            "resource_name":"UserInfo"
-          },
-          {
-            "value":"name",
-            "resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-            "resource_name":"UserInfo"
-          },
-          {
-            "value":"no_consent_required",
-            "resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-            "resource_name":"UserInfo"
-          },
-          {
-            "value":"offline_access",
-            "resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-            "resource_name":"UserInfo"
-          },
-          {
-            "value":"openid",
-            "resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-            "resource_name":"UserInfo"
-          },
-          {
-            "value":"phone",
-            "resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-            "resource_name":"UserInfo"
-          },
-          {
-            "value":"phone_number",
-            "resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-            "resource_name":"UserInfo"
-          },
-          {
-            "value":"profile",
-            "resource_id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-            "resource_name":"UserInfo"
-          }
-        ],
-        "contacts":[
-          "pippo"
-        ],
-        "valid_from":"2023-10-04T12:58:16.000Z",
-        "redirect_uris":[
-          "http://iam.post.ch/monitoring/cossa",
-          "https://iam.post.ch/monitoring/back",
-          "https://test.post.ch/pippo/back"
-        ],
-        "response_types":[
-          "code"
-        ],
-        "grant_types":[
-          "authorization_code",
-          "client_credentials",
-          "refresh_token"
-        ],
-        "client_id":"14c3890f8d8f4da3efdd61d29f24caa3",
-        "client_secret":"e6678df835d5e1a6b45f4acbe3467ec2",
-        "client_uri":"https://iam.post.ch",
-        "default_max_age":-1,
-        "confidentiality_type":"confidential",
-        "pkce_mode":"allowed",
-        "require_auth_time":false,
-        "token_endpoint_auth_method":"client_secret_basic",
-        "jwks_uri":"",
-        "logo_uri":"/login/resources/nevislogrend/applications/def/webdata/images/openid_connect.png",
-        "access_token_ttl":30,
-        "id_token_ttl":600,
-        "refresh_token_ttl":86400,
-        "presisted_consent_ttl":31104000,
-        "force_authentication":false,
-        "require_pushed_authorization_requests":false,
-        "id_token_signed_response_alg":"RS256",
-        "id_token_encrypted_response_alg":"none",
-        "id_token_encrypted_response_enc":"none"
-      }
-  ],
-  "ResourceServer":[
-    {
-      "id":"ResourceServer_561f4822c98d39267d95d3d62502e70f",
-      "owner":"oly",
-      "name":"UserInfo",
-      "link":"rest/modules/oauthv2/setups/Setup_b00528a7a0edc1df1a6b95240d704600/entities/ResourceServer_561f4822c98d39267d95d3d62502e70f",
-      "meta":[
-
-      ],
-      "otherAttributes":{
-
-      },
-      "scope":[
-        {
-          "value":"address",
-          "otherAttributes":{
-            "scope_name#fr":"Adresse",
-            "scope_name#it":"Indirizzo",
-            "scope_name#de":"Addresse",
-            "scope_description":"http://openid.com",
-            "scope_name#en":"Address"
-          },
-          "implicit_grant_policy":"disallowed",
-          "authorization_grant_policy":"consent_persisted",
-          "refresh_token_grant_policy":"no_consent_required",
-          "authentication_required":false
-        },
-        {
-          "value":"birthdate",
-          "otherAttributes":{
-            "scope_name#fr":"Anniversaire",
-            "scope_name#it":"Data di nascita",
-            "scope_name#de":"Geburtstag",
-            "scope_name#en":"Birthday"
-          },
-          "implicit_grant_policy":"disallowed",
-          "authorization_grant_policy":"consent_persisted",
-          "refresh_token_grant_policy":"no_consent_required",
-          "authentication_required":false
-        },
-        {
-          "value":"email",
-          "otherAttributes":{
-            "scope_name#fr":"Adresse e-mail",
-            "scope_name#it":"E-Mail",
-            "scope_name#de":"E-Mail",
-            "scope_description":"http://openid.com",
-            "scope_name#en":"E-mail address"
-          },
-          "implicit_grant_policy":"disallowed",
-          "authorization_grant_policy":"consent_persisted",
-          "refresh_token_grant_policy":"no_consent_required",
-          "authentication_required":false
-        },
-        {
-          "value":"name",
-          "otherAttributes":{
-            "scope_name#fr":"Nom, Prénom",
-            "scope_name#it":"Cognome, Nome",
-            "scope_name#de":"Name, Vorname",
-            "scope_description":"Name",
-            "scope_name#en":"Last name, First name"
-          },
-          "implicit_grant_policy":"disallowed",
-          "authorization_grant_policy":"consent_persisted",
-          "refresh_token_grant_policy":"no_consent_required",
-          "authentication_required":false
-        },
-        {
-          "value":"no_consent_required",
-          "otherAttributes":{
-
-          },
-          "implicit_grant_policy":"disallowed",
-          "authorization_grant_policy":"no_consent_required",
-          "refresh_token_grant_policy":"no_consent_required",
-          "authentication_required":false
-        },
-        {
-          "value":"offline_access",
-          "otherAttributes":{
-
-          },
-          "implicit_grant_policy":"disallowed",
-          "authorization_grant_policy":"no_consent_required",
-          "refresh_token_grant_policy":"no_consent_required",
-          "authentication_required":false
-        },
-        {
-          "value":"openid",
-          "otherAttributes":{
-
-          },
-          "implicit_grant_policy":"disallowed",
-          "authorization_grant_policy":"consent_persisted",
-          "refresh_token_grant_policy":"no_consent_required",
-          "authentication_required":false
-        },
-        {
-          "value":"phone",
-          "otherAttributes":{
-            "scope_name#fr":"Numéro de telefone",
-            "scope_name#it":"Numero di telefono",
-            "scope_name#de":"Telefonnummer",
-            "scope_description":"User Phone number",
-            "scope_name#en":"Phone number"
-          },
-          "implicit_grant_policy":"disallowed",
-          "authorization_grant_policy":"consent_persisted",
-          "refresh_token_grant_policy":"no_consent_required",
-          "authentication_required":false
-        },
-        {
-          "value":"phone_number",
-          "otherAttributes":{
-            "scope_name#fr":"Numéro de mobile",
-            "scope_name#it":"Numero di cellulare",
-            "scope_name#de":"Mobiltelefonnummer",
-            "scope_description":"User Phone number",
-            "scope_name#en":"Mobile phone number"
-          },
-          "implicit_grant_policy":"disallowed",
-          "authorization_grant_policy":"consent_persisted",
-          "refresh_token_grant_policy":"no_consent_required",
-          "authentication_required":false
-        },
-        {
-          "value":"profile",
-          "otherAttributes":{
-            "scope_name#fr":"Nom, Prénom",
-            "scope_name#it":"Cognome, Nome",
-            "scope_name#de":"Name, Vorname",
-            "scope_description":"http://openid.com",
-            "scope_name#en":"Last name, First name"
-          },
-          "implicit_grant_policy":"disallowed",
-          "authorization_grant_policy":"consent_persisted",
-          "refresh_token_grant_policy":"no_consent_required",
-          "authentication_required":false
-        }
-      ],
-      "valid_from":"2023-10-04T12:51:06.000Z",
-      "url":"https://apidev.pnet.ch/UserInfo"
-    },
-    {
-      "id":"ResourceServer_ea7d36ec2adb5857de7dda7cbbbbbbd8",
-      "owner":"oly",
-      "name":"MONITORING-AGB",
-      "link":"rest/modules/oauthv2/setups/Setup_b00528a7a0edc1df1a6b95240d704600/entities/ResourceServer_ea7d36ec2adb5857de7dda7cbbbbbbd8",
-      "meta":[
-
-      ],
-      "otherAttributes":{
-
-      },
-      "scope":[
-        {
-          "value":"MONITOR",
-          "otherAttributes":{
-            "scope_description":"Monitoring platform test",
-            "scope_name":"Monitoring platform test"
-          },
-          "implicit_grant_policy":"no_consent_required",
-          "authorization_grant_policy":"no_consent_required",
-          "refresh_token_grant_policy":"no_consent_required",
-          "authentication_required":false
-        }
-      ],
-      "valid_from":"2023-10-04T12:53:59.000Z",
-      "url":"https://www.post.ch/oauth/terms"
-    }
-  ]
-}

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/var/opt/nevisauth/default/conf/nevisauth.yml

@@ -1,16 +0,0 @@
-server:
-  name: "default"
-  protocol: "https"
-  port: "8991"
-  host: "0.0.0.0"
-  tls:
-    keystore: "/var/opt/keys/own/nai2-default-identity/keystore.p12"
-    keystore-passphrase: "${exec:/var/opt/keys/own/nai2-default-identity/keypass}"
-    client-auth: "required"
-    truststore: "/var/opt/keys/trust/nai2-default-tls-client-trust/truststore.p12"
-    truststore-passphrase: "${exec:/var/opt/keys/trust/nai2-default-tls-client-trust/keypass}"
-management:
-  server:
-    port: "9000"
-  healthchecks:
-    enabled: "true"

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/var/opt/nevisauth/default/conf/otel.properties

@@ -1,4 +0,0 @@
-otel.service.name = nai2
-otel.traces.exporter = none
-otel.metrics.exporter = none
-otel.logs.exporter = none

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/var/opt/nevisauth/default/conf/prepare_done.groovy

@@ -1,23 +0,0 @@
-// nevisProxy replaces the entire AUTH: scope when new outargs are returned by nevisAuth.
-// Thus, we have to store tokens in the session (as a String) and restore them on subsequent step-ups.
-
-// restore tokens
-session.each { key, value ->
-    if (key.startsWith('outarg.token.')) {
-        def name = key.substring(7)
-        if (outargs.containsKey(name)) {
-            LOG.debug("not restoring token (outarg: $name) from session: outarg already set")
-        }
-        else {
-            LOG.debug("restoring token (outarg: $name) from session")
-            outargs.put(name, value)
-        }
-    }
-}
-
-// store tokens
-outargs.each { name, value ->
-    if (name.startsWith('token.')) {
-        session.put('outarg.' + name, value)
-    }
-}

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai2/var/opt/nevisauth/default/status.sh

@@ -1,79 +0,0 @@
-#!/bin/bash
-#
-# NAME
-#     status.sh - Checks the status of the nevisAuth instance.
-#
-# SYNOPSIS
-#     status.sh
-#
-# DESCRIPTION
-#     Performs periodic checks until the instance is up or broken or timeout is reached.
-#     The script terminates when the process of the instance stops running.
-#     There are no arguments for this script.
-#
-# EXIT CODES
-#  0    Instance is up.
-#  1    Instance process is not running.
-#  2    Instance is broken.
-#  3    Timeout reached.
-
-# Defines how much we should sleep between checking if the instance is up.
-interval=1
-# Defines how much we should wait the instance to start up until we give up and exit.
-timeout=70
-((end_time=${SECONDS}+$timeout))
-
-# Checks if the process of the instance is still running.
-# Arguments:
-#   None
-# Returns:
-#   In case it is running, returns 0, otherwise non-zero (exit code of systemctl).
-isProcessRunning() {
-  systemctl is-active --quiet nevisauth@default
-  IS_RUNNING=$?
-  return $IS_RUNNING
-}
-
-# Checks if the instance is up. (Attempts connecting to the instance)
-# Arguments:
-#   None
-# Returns:
-#   If the connection was successful and the instance up (is not broken), returns 0.
-#   If the connection was not successful, returns 1.
-checkInstance() {
-  lsof -i :8991 -sTCP:LISTEN
-  EXIT_CODE=$?
-  return $EXIT_CODE
-}
-
-# This function encapsulates the logic of checking if the process is running and if the instance is up.
-# In case the process is not running, exits with exit code 1.
-# Arguments:
-#   None
-# Returns:
-#   If the instance process is running, returns the result of the instance check function.
-check() {
- if isProcessRunning
-  then
-    checkInstance
-    CS=$?
-    return $CS
-  else
-    echo "Process is not running."
-    exit 1
-  fi
-}
-
-# Check the status of the instance periodically.
-while ((${SECONDS} < ${end_time}))
-do
-  sleep ${interval}
-  if check
-  then
-    echo "Instance is up."
-    exit 0
-  fi
-done
-
-echo "Exceeded check timeout (70s). Instance is down."
-exit 3

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/etc/nevis/k8s-nli-7dc20659babc66c4401ce0dd.yaml

@@ -1,53 +0,0 @@
-apiVersion: "operator.nevis-security.ch/v1"
-kind: "NevisComponent"
-metadata:
-  name: "nli"
-  namespace: "adn-postit-tknxchng-01-dev"
-  labels:
-    deploymentTarget: "nli"
-  annotations:
-    projectKey: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT"
-    patternId: "7dc20659babc66c4401ce0dd"
-spec:
-  type: "NevisLogrend"
-  replicas: 1
-  version: "8.2405.0"
-  gitInitVersion: "1.3.0"
-  runAsNonRoot: true
-  ports:
-    server: 8988
-    management: 8997
-  resources:
-    limits:
-      cpu: "500m"
-      memory: "1000Mi"
-    requests:
-      cpu: "10m"
-      memory: "500Mi"
-  livenessProbe:
-    management:
-      httpGet:
-        path: "/nevislogrend/liveness"
-      periodSeconds: 5
-      timeoutSeconds: 6
-  readinessProbe:
-    server:
-      tcpSocket: true
-      periodSeconds: 5
-      timeoutSeconds: 4
-  startupProbe:
-    server:
-      tcpSocket: true
-      periodSeconds: 5
-      timeoutSeconds: 4
-      failureThreshold: 50
-  podDisruptionBudget:
-    maxUnavailable: "50%"
-  git:
-    tag: "r-46b3c950256851308e60d2bd8d5de9ae4cc6f50e"
-    dir: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli"
-    credentials: "git-credentials"
-  podSecurity:
-    policy: "baseline"
-    automountServiceAccountToken: false
-  timeZone: "Europe/Zurich"

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/etc/nevis/nevislogrend_default.yml

@@ -1,18 +0,0 @@
-schemaVersion: 1.0
-instance:
-  type: "nevislogrend"
-  name: "default"
-  directory: "/var/opt/nevislogrend/default"
-  pid: "systemctl show nevislogrend@default -p MainPID | cut -d '=' -f2"
-  source:
-    url: "/nevisadmin/#/projects/DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/patterns/7dc20659babc66c4401ce0dd"
-    projectKey: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT"
-    patternId: "7dc20659babc66c4401ce0dd"
-    patternClass: "ch.nevis.admin.v4.plugin.nevisauth.patterns.NevisLogrendDeployable"
-  resources:
-    ports:
-    - "0.0.0.0:8988"
-  control:
-    start: "systemctl restart nevislogrend@default"
-    stop: "systemctl stop nevislogrend@default"
-    status: "systemctl status nevislogrend@default"

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/conf/env.conf

@@ -1,14 +0,0 @@
-RTENV_SECURITY_CHECK=no_shell
-
-# only standalone deployment is supported with nevisAdmin 4
-LOGREND_DEPLOY_TYPE=standalone
-
-JAVA_OPTS=(
-    "-XX:+UseContainerSupport"
-    "-Dfile.encoding=UTF-8"
-    "-XX:MaxRAMPercentage=80.0"
-    "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
-    "-Dotel.javaagent.logging=application"
-    "-Dotel.javaagent.configuration-file=/var/opt/nevislogrend/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2405.0,service.instance.id=$HOSTNAME"
-)

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/conf/logging.yml

@@ -1,19 +0,0 @@
-Configuration:
-  monitorInterval: 60
-  Appenders:
-    Console:
-    - name: "SERVER"
-      target: "SYSTEM_OUT"
-      PatternLayout:
-        pattern: "[nevislogrend.log] %d{ISO8601} %-15.15t %mdc{trace_id} %mdc{span_id} %-40.40c %-5.5p %m%n"
-      RegexFilter:
-        regex: ".*GET /nevislogrend/health.*"
-        onMatch: "DENY"
-        onMismatch: "ACCEPT"
-  Loggers:
-    Logger: []
-    Root:
-      level: "WARN"
-      additivity: "false"
-      AppenderRef:
-      - ref: "SERVER"

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/conf/logrend.properties

@@ -1,26 +0,0 @@
-
-application.accept.loginapplicationidfromuri=no
-application.gui.litdict=yes
-application.gui.substitution=yes
-application.input.charset=UTF-8
-application.inputs.htmlencode=yes
-application.loginapp.current=
-application.loginapp.default=cossa_realm
-application.loginapp.override=header:channel
-application.package.name=nevislogrend
-application.render.content.type=text/html; charset=UTF-8
-application.url.obfuscate=no
-application.webdata.path={0}{2}{1}
-application.webdata.pathparam=logrendresourcepath
-application.webdata.pathparam.default=/login/resources
-cache.revalidate.delay=15
-cache.source=file
-keytag.end=}
-keytag.start=${
-management.healthchecks.enabled=true
-path.config=/var/opt/nevislogrend/default/conf
-path.instance=/var/opt/nevislogrend/default
-server.host=0.0.0.0
-server.name=default
-server.port=8988
-server.protocol=http

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/conf/mimetype.properties

@@ -1,3 +0,0 @@
-ico=image/x-icon
-woff=font/woff
-woff2=font/woff2

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/conf/otel.properties

@@ -1,4 +0,0 @@
-otel.service.name = nli
-otel.traces.exporter = none
-otel.metrics.exporter = none
-otel.logs.exporter = none

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/resources/conf/default.properties

@@ -1,26 +0,0 @@
-# source: pattern://8523f0587aa8cfa7008f8171
-application.countries.default=CH
-# source: pattern://8523f0587aa8cfa7008f8171
-cache.file.exempt=
-# source: pattern://8523f0587aa8cfa7008f8171
-cache.filefolder.exempt=
-# source: pattern://8523f0587aa8cfa7008f8171
-application.language.source.1=param:language
-# source: pattern://8523f0587aa8cfa7008f8171
-application.language.source.2=cookie:LANG
-# source: pattern://8523f0587aa8cfa7008f8171
-application.language.source.3=gui
-# source: pattern://8523f0587aa8cfa7008f8171
-application.language.source.4=browser
-# source: pattern://8523f0587aa8cfa7008f8171
-application.languages=en,de,fr,it
-# source: pattern://8523f0587aa8cfa7008f8171
-application.languages.default=en
-# source: pattern://7dc20659babc66c4401ce0dd
-application.language.cookie.en=LANG:en
-# source: pattern://7dc20659babc66c4401ce0dd
-application.language.cookie.de=LANG:de
-# source: pattern://7dc20659babc66c4401ce0dd
-application.language.cookie.fr=LANG:fr
-# source: pattern://7dc20659babc66c4401ce0dd
-application.language.cookie.it=LANG:it

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/resources/conf/text.properties

@@ -1,6 +0,0 @@
-
-language.de=Deutsch
-language.en=English
-language.fr=Français
-language.it=Italiano
-title=NEVIS SSO Portal

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/resources/conf/text_de.properties

@@ -1,6 +0,0 @@
-
-language.de=Deutsch
-language.en=English
-language.fr=Français
-language.it=Italiano
-title=NEVIS SSO Portal

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/resources/conf/text_en.properties

@@ -1,6 +0,0 @@
-
-language.de=Deutsch
-language.en=English
-language.fr=Français
-language.it=Italiano
-title=NEVIS SSO Portal

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/resources/conf/text_fr.properties

@@ -1,6 +0,0 @@
-
-language.de=Deutsch
-language.en=English
-language.fr=Français
-language.it=Italiano
-title=NEVIS SSO Portal

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/resources/conf/text_it.properties

@@ -1,6 +0,0 @@
-
-language.de=Deutsch
-language.en=English
-language.fr=Français
-language.it=Italiano
-title=NEVIS SSO Portal

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/webdata/resources/authcloud_login.js

@@ -1,165 +0,0 @@
-let baseURL; // base URL
-let statusToken; // used to check progress
-let dispatcherElement; // to display link or QR code
-let infoElement; // to display info text
-let errorElement; // to display error text
-
-function addInput(form, name, value) {
-  const input = document.createElement("input");
-  input.name = name;
-  input.value = value;
-  form.appendChild(input);
-}
-
-function submitStatus(status) {
-  // we have to do a form POST instead of AJAX
-  const form = document.createElement("form");
-  form.method = "POST";
-  form.style.display = "none";
-  addInput(form, "status", status);
-  document.body.appendChild(form);
-  form.submit();
-}
-
-const Status = {
-    _pollInterval: 2 * 1000, // Check every 2 seconds
-    latest: null,
-
-    startPolling: function (token, uiCallback) {
-        let interval = setInterval(async () => {
-            await this._check(token).then(function (resp) {
-                console.log("Polling status: %o", resp);
-                uiCallback && uiCallback(resp, false);
-                return Status.latest = resp;
-            })
-            .catch(function (err) {
-                console.error("Error during polling: %o", err);
-                return false;
-            });
-            if (Status.latest && (Status.latest.status === 'succeeded' || Status.latest.status === 'failed' || Status.latest.status === 'unknown')) {
-                // Done!
-                console.log('Latest status is: %o', this.latest);
-                uiCallback && uiCallback(this.latest, true);
-                clearInterval(interval);
-            }
-        }, this._pollInterval);
-    },
-
-    _check: async function (token) {
-        const payload = { statusToken: token };
-        const response = await fetch(baseURL + 'api/v1/status', {
-            method: 'POST',
-            mode: 'cors',
-            cache: 'no-cache',
-            credentials: 'omit',
-            headers: {
-                'Accept': 'application/json',
-                'Content-Type': 'application/json;charset=utf-8'
-            },
-            body: JSON.stringify(payload),
-            redirect: 'follow',
-            referrerPolicy: 'no-referrer'
-        });
-
-        return await response.json();
-    }
-};
-
-function setDeepLinkLabel(button) {
-    const text = document.getElementsByName('info.deeplink')[0].value;
-    button.innerHTML = text;
-}
-
-function messageScanQR() {
-    const text = document.getElementsByName('info.qrcode')[0].value;
-    infoElement.innerHTML = text;
-}
-
-function messageCheckPhone() {
-    const text = document.getElementsByName('info.check.phone')[0].value;
-    infoElement.innerHTML = text;
-}
-
-const Element = {
-
-    _elem: null, // QR code or deep link depending on device
-
-    show: function (appLink) {
-        const userAgent = navigator.userAgent || navigator.vendor || window.opera;
-        const isIphone = 'iPhone' === navigator.platform;
-        const isAndroid = /android/i.test(userAgent) && /mobile/i.test(userAgent);
-        if (isAndroid || isIphone) {
-            this._elem = document.createElement('a');
-            this._elem.setAttribute('href', appLink);
-            this._elem.setAttribute('class', 'btn btn-primary');
-            this._elem.setAttribute('target', '_blank');
-            dispatcherElement.appendChild(this._elem);
-            setDeepLinkLabel(this._elem);
-        }
-        else {
-            const authenticationType = document.getElementsByName('authenticationType')[0].value;
-            if (authenticationType == 'push') {
-                messageCheckPhone();
-            }
-            else {
-                messageScanQR();
-                this._elem = document.createElement('canvas');
-                dispatcherElement.appendChild(this._elem);
-                var qrcode = new QRious({
-                  element: this._elem,
-                  foreground: "#168CA9",
-                  level: "M",
-                  size: 280,
-                  value: appLink
-                });
-            }
-        }
-    },
-
-    hide: function() {
-        // hide the element which was shown
-        if (this._elem != null) {
-            this._elem.style.display = "none";
-        }
-    }
-};
-
-function authenticateUser(appLink) {
-    Element.show(appLink);
-    console.log('Starting Authentication Cloud status polling...');
-    Status.startPolling(statusToken, (st, done) => {
-        if (st.status === 'succeeded') {
-            console.log('Authentication Cloud login done.');
-            submitStatus('succeeded')
-        }
-        else if (st.status === 'failed') {
-            // failed: The transaction failed, either by timeout or because the user did not accept.
-            console.warn('Authentication Cloud login failed. User abort or timeout.');
-            submitStatus('failed')
-        }
-        else if (st.status === 'unknown') {
-            console.error('Authentication Cloud login failed. Unknown status.');
-            submitStatus('unknown')
-        }
-    });
-}
-
-function init() {
-
-    const form = document.getElementById('authcloud_login');
-
-    baseURL = form.url.value;
-    statusToken = form.statusToken.value;
-
-    infoElement = document.getElementById('authcloud_info');
-    errorElement = document.getElementById('authcloud_error');
-
-    dispatcherElement = document.getElementById('authcloud_dispatch');
-
-    const appLink = form.appLink.value;
-    authenticateUser(appLink);
-}
-
-window.onload = function() {
-  init();
-};

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/webdata/resources/authcloud_onboard.js

@@ -1,154 +0,0 @@
-let baseURL; // base URL
-let statusToken; // used to check progress
-let dispatcherElement; // to display link or QR code
-let infoElement; // to display info text
-let errorElement; // to display error text
-
-function addInput(form, name, value) {
-  const input = document.createElement("input");
-  input.name = name;
-  input.value = value;
-  form.appendChild(input);
-}
-
-function submitStatus(status) {
-  // we have to do a form POST instead of AJAX
-  const form = document.createElement("form");
-  form.method = "POST";
-  form.style.display = "none";
-  addInput(form, "status", status);
-  document.body.appendChild(form);
-  form.submit();
-}
-
-const Status = {
-    _pollInterval: 2 * 1000, // Check every 2 seconds
-    latest: null,
-
-    startPolling: function (token, uiCallback) {
-        let interval = setInterval(async () => {
-            await this._check(token).then(function (resp) {
-                console.log("Polling status: %o", resp);
-                uiCallback && uiCallback(resp, false);
-                return Status.latest = resp;
-            })
-            .catch(function (err) {
-                console.error("Error during polling: %o", err);
-                return false;
-            });
-            if (Status.latest && (Status.latest.status === 'succeeded' || Status.latest.status === 'failed' || Status.latest.status === 'unknown')) {
-                // Done!
-                console.log('Latest status is: %o', this.latest);
-                uiCallback && uiCallback(this.latest, true);
-                clearInterval(interval);
-            }
-        }, this._pollInterval);
-    },
-
-    _check: async function (token) {
-        const payload = { statusToken: token };
-        const response = await fetch(baseURL + 'api/v1/status', {
-            method: 'POST',
-            mode: 'cors',
-            cache: 'no-cache',
-            credentials: 'omit',
-            headers: {
-                'Accept': 'application/json',
-                'Content-Type': 'application/json;charset=utf-8'
-            },
-            body: JSON.stringify(payload),
-            redirect: 'follow',
-            referrerPolicy: 'no-referrer'
-        });
-
-        return await response.json();
-    }
-};
-
-function setDeepLinkLabel(button) {
-    const text = document.getElementsByName('info.deeplink')[0].value;
-    button.innerHTML = text;
-}
-
-function messageScanQR() {
-    const text = document.getElementsByName('info.qrcode')[0].value;
-    infoElement.innerHTML = text;
-}
-
-const Element = {
-
-    _elem: null, // QR code or deep link depending on device
-
-    show: function (appLink) {
-        const userAgent = navigator.userAgent || navigator.vendor || window.opera;
-        const isIphone = 'iPhone' === navigator.platform;
-        const isAndroid = /android/i.test(userAgent) && /mobile/i.test(userAgent);
-        if (isAndroid || isIphone) {
-            this._elem = document.createElement('a');
-            this._elem.setAttribute('href', appLink);
-            this._elem.setAttribute('class', 'btn btn-primary');
-            this._elem.setAttribute('target', '_blank');
-            dispatcherElement.appendChild(this._elem);
-            setDeepLinkLabel(this._elem);
-        }
-        else {
-            messageScanQR();
-            this._elem = document.createElement('canvas');
-            dispatcherElement.appendChild(this._elem);
-            var qrcode = new QRious({
-              element: this._elem,
-              foreground: "#168CA9",
-              level: "M",
-              size: 280,
-              value: appLink
-            });
-        }
-    },
-
-    hide: function() {
-        // hide the element which was shown
-        if (this._elem != null) {
-            this._elem.style.display = "none";
-        }
-    }
-};
-
-function onboardUser(appLink) {
-    Element.show(appLink);
-    console.log('Starting Authentication Cloud status polling...');
-    Status.startPolling(statusToken, (st, done) => {
-        if (st.status === 'succeeded') {
-            console.log('Authentication Cloud onboarding done.');
-            submitStatus('succeeded')
-        }
-        else if (st.status === 'failed') {
-            // failed: The transaction failed, either by timeout or because the user did not accept.
-            console.warn('Authentication Cloud onboarding failed. User abort or timeout.');
-            submitStatus('failed')
-        }
-        else if (st.status === 'unknown') {
-            console.error('Authentication Cloud onboarding failed. Unknown status.');
-            submitStatus('unknown')
-        }
-    });
-}
-
-function init() {
-
-    const form = document.getElementById('authcloud_onboard');
-
-    baseURL = form.url.value;
-    statusToken = form.statusToken.value;
-
-    infoElement = document.getElementById('authcloud_info');
-    errorElement = document.getElementById('authcloud_error');
-
-    dispatcherElement = document.getElementById('authcloud_dispatch');
-
-    const appLink = form.appLink.value;
-    onboardUser(appLink);
-}
-
-window.onload = function() {
-  init();
-};

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/webdata/resources/base64.js

@@ -1,87 +0,0 @@
-/*
- * Base64URL-ArrayBuffer
- * https://github.com/herrjemand/Base64URL-ArrayBuffer
- *
- * Copyright (c) 2017 Yuriy Ackermann <ackermann.yuriy@gmail.com>
- * Copyright (c) 2012 Niklas von Hertzen
- * Licensed under the MIT license.
- *
- */
-(function() {
-    "use strict";
-
-    var chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
-
-    // Use a lookup table to find the index.
-    var lookup = new Uint8Array(256);
-    for (var i = 0; i < chars.length; i++) {
-        lookup[chars.charCodeAt(i)] = i;
-    }
-
-    var encode = function(arraybuffer) {
-        var bytes = new Uint8Array(arraybuffer),
-        i, len = bytes.length, base64 = "";
-
-        for (i = 0; i < len; i+=3) {
-            base64 += chars[bytes[i] >> 2];
-            base64 += chars[((bytes[i] & 3) << 4) | (bytes[i + 1] >> 4)];
-            base64 += chars[((bytes[i + 1] & 15) << 2) | (bytes[i + 2] >> 6)];
-            base64 += chars[bytes[i + 2] & 63];
-        }
-
-        if ((len % 3) === 2) {
-            base64 = base64.substring(0, base64.length - 1);
-        } else if (len % 3 === 1) {
-            base64 = base64.substring(0, base64.length - 2);
-        }
-
-        return base64;
-    };
-
-    var decode = function(base64) {
-        var bufferLength = base64.length * 0.75,
-        len = base64.length, i, p = 0,
-        encoded1, encoded2, encoded3, encoded4;
-
-        var arraybuffer = new ArrayBuffer(bufferLength),
-        bytes = new Uint8Array(arraybuffer);
-
-        for (i = 0; i < len; i+=4) {
-            encoded1 = lookup[base64.charCodeAt(i)];
-            encoded2 = lookup[base64.charCodeAt(i+1)];
-            encoded3 = lookup[base64.charCodeAt(i+2)];
-            encoded4 = lookup[base64.charCodeAt(i+3)];
-
-            bytes[p++] = (encoded1 << 2) | (encoded2 >> 4);
-            bytes[p++] = ((encoded2 & 15) << 4) | (encoded3 >> 2);
-            bytes[p++] = ((encoded3 & 3) << 6) | (encoded4 & 63);
-        }
-
-        return arraybuffer;
-    };
-
-     /**
-     * Exporting and stuff
-     */
-    if (typeof module !== 'undefined' && typeof module.exports !== 'undefined') {
-        module.exports = {
-            'encode': encode,
-            'decode': decode
-        }
-
-    } else {
-        if (typeof define === 'function' && define.amd) {
-            define([], function() {
-                return {
-                    'encode': encode,
-                    'decode': decode
-                }
-            });
-        } else {
-            window.base64url = {
-                'encode': encode,
-                'decode': decode
-            }
-        }
-    }
-})();

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/webdata/resources/default.css

@@ -1,222 +0,0 @@
-/********************************************************
- * Layout
- ********************************************************/
-
-html { /* magic to position footer */
-	position: relative;
-	min-height: 100%;
-}
-
-body {
-	margin-bottom: 76px; /* == footer height */
-}
-
-.container, .container-fluid {
- 	padding-left: 36px;
-	padding-right: 36px;
-}
-
-nav {
-	min-height: 100px;
-	padding: 36px;
-}
-
-header {
-	margin-bottom: 16px; /* h1.logintitle adds 20px => 36px */
-}
-
-.container {
- 	min-width: 260px;
- 	max-width: 700px;
-}
-
-h1 {
-	margin-bottom: 50px;
-}
-
-footer {
-	width: 100%;
-	position: absolute;
-	bottom: 0;
-	padding: 0 36px;
-}
-
-img {
-	width: 100%;
-}
-
-/********************************************************
- * Header
- ********************************************************/
-
-header .logo {
-	/* width: 20%;*/
-	/*max-width: 600px;*/
-	max-height: 150px;
-	width: auto;
-}
-
-/********************************************************
- * Dropdown
- ********************************************************/
-a.dropdown-toggle {
-	text-decoration: none;
-}
-
-a.dropdown-toggle:hover {
-	color: #168CA9;
-	border-bottom: 3px solid #168CA9;
-}
-
-.dropdown-menu {
-	padding: 5px 0;
-}
-
-.dropdown-menu li > a {
-	padding: 6px 28px;
-}
-
-.dropdown-menu a > .prefix {
-	display: inline-block;
-	min-width: 22px;
-	margin-right: 28px;
-	text-align: right;
-}
-
-/********************************************************
- * Form
- ********************************************************/
-
-/* Labels should not be bold */
-label {
-	font-weight: normal;
-}
-
-/* Make error messages bold */
-.has-error .help-block {
-	font-weight: bold;
-}
-
-/* Change button size, by default 116px in width */
-.btn {
-	min-width: 116px;
-	padding: 3px 12px;
-}
-
-/* Disable gradient in buttons, ughhhh */
-.btn.btn-primary {
-	border-color: transparent;
-	background-image: none;
-	text-shadow: none;
-	box-shadow: none;
-	-webkit-box-shadow: none;
-}
-
-.help-block a, .help-block a:visited {
-	color: #168CA9;
-  font-weight: bold;
-  text-decoration: none;
-}
-
-.help-block a:hover {
-	color: #168CA9;
-  text-decoration: underline;
-}
-
-/********************************************************
- * Footer
- ********************************************************/
-footer .row {
-	margin: 36px 0 0 0;
-	height: 40px;
-	padding-top: 14px;
-	line-height: 26px; /* to center text: height - padding-top = 26px */
-	border-top: 1px solid #168CA9;
-}
-
-footer .row > div { /* Fix alignment between border + text on Bootstrap grid */
-	padding: 0;
-}
-
-footer .logo-round-container {
-	position: relative;
-}
-
-footer .logo-round {
-	position: absolute;
-	left: 0;
-	right: 0;
-	top: -33px; /* found visually with Chrome Dev Tools */
-	height: 36px;
-	width: 36px;
-	border: 1px solid #00868c;
-	border-radius: 18px;
-	background: #fff;
-	padding: 8px;
-}
-
-footer .logo-round > img {
-	display: block;
-}
-
-#dispatchTargets {
-	margin-top: 20px;
-}
-
-/********************************************************
- * Social login
- ********************************************************/
-.btn.line {
-    background-color: transparent;
-    display: block;
-    width: 100%;
-    padding: 0;
-    margin: 1.5em 0 1em;
-    border: 0.5px solid #ccc;
-    pointer-events: none;
-}
-
-.btn.socialLogin {
-    background-color: #fff;
-    border: thin solid #ccc;
-    color: #000;
-    font-weight: 600;
-    position: relative;
-    margin: 5px;
-    min-width: 140px;
-    width: 210px;
-    border-radius: 8px;
-    padding: 8px 12px;
-    text-align: left;
-}
-
-.socialLogin img {
-    width: 1.5em;
-    height: 108%;
-    margin-right: 0.5em;
-}
-
-.btn.apple img {
-    width: 1.2em;
-}
-
-/********************************************************
- * Show password
- ********************************************************/
-.icon-inside {
-  position: relative;
-}
-
-.icon-inside input {
-  padding-right: calc(0.75rem + 1.25rem + 0.75rem);
-}
-
-.icon-inside button {
-  position: absolute;
-  right: 0;
-  top: 0;
-  margin-top: 0.45rem;
-  margin-right: 0.45rem;
-  background: #FFFFFF;
-  border: #FFFFFF;
-}

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/webdata/resources/dropdown.js

@@ -1,36 +0,0 @@
-(function() {
-  var closeDropdownTimeout;
-
-  function closeDropdown(event) {
-    var dropdowns = document.querySelectorAll('.dropdown');
-    for (var i = 0; i < dropdowns.length; i++) {
-      var dropdownMenu = dropdowns[i].querySelector('.dropdown-menu');
-      if (dropdownMenu.style.display !== 'none' && !dropdowns[i].contains(event.target)) {
-        dropdownMenu.style.display = 'none';
-      }
-    }
-
-    // remove event listener till we have a new dropdown menu open
-    if (document.querySelector('.dropdown-menu:not([style*="display: none"])') === null) {
-      document.removeEventListener('click', closeDropdown);
-    }
-  }
-
-  var dropdowns = document.querySelectorAll('.dropdown');
-  for (var i = 0; i < dropdowns.length; i++) {
-    var dropdownMenu = dropdowns[i].querySelector('.dropdown-menu');
-    dropdownMenu.style.display = 'none'; // ensure menu is initially hidden
-
-    dropdowns[i].addEventListener('click', function(e) {
-      // show dropdown menu
-      var dropdownMenu = this.querySelector('.dropdown-menu');
-      dropdownMenu.style.display = 'block';
-
-      // handle clicking away
-      clearTimeout(closeDropdownTimeout);
-      closeDropdownTimeout = setTimeout(function() {
-        document.addEventListener('click', closeDropdown);
-      }, 10);
-    });
-  }
-}());

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/webdata/resources/e2eenc.js

@@ -1,98 +0,0 @@
-var e2eenc = function() {
-
-	this.encryptForm = function(algoString, formId) {
-		// TODO: in case of an error we should return false, to prevent the for to be submitted
-		//       or replace the fields with dummy values, just to prevent the the transmission
-		//       of unencrypted values
-		
-
-		// create the array of input fields to encrypt (needs to be done before setting the form
-		// invisible
-		var fieldsToEncrypt = new Array();
-		$.each($("form input:visible"), function(index, _inputField) { fieldsToEncrypt.push($(_inputField));});
-
-		// hide the form, and display the splash screen
-		$('#loginform').css('display','none');
-		$('#e2eeSplashScreen').css('display','block');
-
-		// encryption logic
-		var pubKey = $("input[name='e2eenc.publicKey']").val();
-
-		var kemSessionKey = readPublicKeyAndGenerateSessionKey(pubKey)
-		var iv = forge.random.getBytesSync(16);
-		keyB64 = forge.util.encode64(kemSessionKey.key);
-		encapsulationB64 = forge.util.encode64(kemSessionKey.encapsulation);
-		ivB64 = forge.util.encode64(iv);
-
-		//console.log("Encrypting form " + formId + " (" + algoString + ")");
-		var fields = "";
-		$.each(fieldsToEncrypt, function(index, _inputField) {
-			var inputField = $(_inputField);
-			if (inputField.attr("type") == "text" || inputField.attr("type") == "password") {
-				//console.log("Encrypting field " + JSON.stringify(inputField));
-				var plainValue = inputField.val();
-
-				var encryptedValueB64 = encrypt(kemSessionKey, iv, plainValue);
-				//console.log("Setting encrypted value in b64: " + encryptedValueB64);
-				inputField.val(encryptedValueB64);
-				if (fields.length > 0) {
-					fields = fields + ","
-				}
-				fields = fields + inputField.attr("name");
-			}
-		});
-		$("input[name='e2eenc.iv']").val(ivB64);
-		$("input[name='e2eenc.encapsulation']").val(encapsulationB64);
-		$("input[name='e2eenc.fields']").val(fields);
-	}
-
-	function getRSApublicKey(pem) {
-	    //console.log("PEM: " + pem);
-
-	    var msg = forge.pem.decode(pem)[0];
-
-	    //console.log("msg type: " + msg.type);
-
-	    if(msg.procType && msg.procType.type === 'ENCRYPTED') {
-		throw new Error('Could not retrieve RSA public key from PEM; PEM is encrypted.');
-	    }
-
-	    // convert DER to ASN.1 object
-	    var asn1obj = forge.asn1.fromDer(msg.body);
-	    //console.log("ASN.1 obj: " + JSON.stringify(asn1obj))
-
-	    var pubKey = forge.pki.publicKeyFromAsn1(asn1obj)
-	    //console.log("PubKey: " + JSON.stringify(pubKey))
-	    return pubKey;
-	}
-
-	function generateKEMSessionKey(rsaPublicKey) {
-	    // generate key-derivation-function and initializes it with sha1
-	    var kdf1 = new forge.kem.kdf1(forge.md.sha1.create());
-	    // creates a KEM function based on the key-derivation-function created above
-	    var kem = forge.kem.rsa.create(kdf1);
-	    // generate and encapsulate a 16-byte secret key. 
-	    // The secret key is generated using the kdf defined above.
-	    var kemSessionKey = kem.encrypt(rsaPublicKey, 16);
-	    // kemSessionKey has 'encapsulation' (= pub key) and 'key' (= generated secret key)
-	    return kemSessionKey;
-	}
-
-	function readPublicKeyAndGenerateSessionKey(pem) {
-	    var rsaPublicKey = getRSApublicKey(pem);
-	    //console.log("PubKey: " + JSON.stringify(rsaPublicKey))
-	    var kemSessionKey = generateKEMSessionKey(rsaPublicKey);
-	    //console.log("KEM session key: " + JSON.stringify(kemSessionKey))
-	    return kemSessionKey;
-	}
-
-	function encrypt(kemSessionKey, iv, msg) {
-		var cipher = forge.cipher.createCipher('AES-CBC', kemSessionKey.key);
-		cipher.start({iv: iv});
-		cipher.update(forge.util.createBuffer(msg, 'utf-8'));
-		cipher.finish();
-		var encrypted = cipher.output.getBytes();
-		encryptedB64 = forge.util.encode64(encrypted);
-		return encryptedB64;
-	}
-};

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/webdata/resources/eye-off.svg

@@ -1,3 +0,0 @@
-<svg width="22" height="20" viewBox="0 0 22 20" fill="none" xmlns="http://www.w3.org/2000/svg">
-    <path d="M2 1L5.58916 4.58916M20 19L16.4112 15.4112M12.8749 16.8246C12.2677 16.9398 11.6411 17 11.0005 17C6.52281 17 2.73251 14.0571 1.45825 9.99997C1.80515 8.8955 2.33851 7.87361 3.02143 6.97118M8.87868 7.87868C9.42157 7.33579 10.1716 7 11 7C12.6569 7 14 8.34315 14 10C14 10.8284 13.6642 11.5784 13.1213 12.1213M8.87868 7.87868L13.1213 12.1213M8.87868 7.87868L5.58916 4.58916M13.1213 12.1213L5.58916 4.58916M13.1213 12.1213L16.4112 15.4112M5.58916 4.58916C7.14898 3.58354 9.00656 3 11.0004 3C15.4781 3 19.2684 5.94291 20.5426 10C19.8357 12.2507 18.3545 14.1585 16.4112 15.4112" stroke="#6D7C80" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/webdata/resources/eye.svg

@@ -1,4 +0,0 @@
-<svg width="22" height="16" viewBox="0 0 22 16" fill="none" xmlns="http://www.w3.org/2000/svg">
-    <path d="M14 8C14 9.65685 12.6569 11 11 11C9.34315 11 8 9.65685 8 8C8 6.34315 9.34315 5 11 5C12.6569 5 14 6.34315 14 8Z" stroke="#6D7C80" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-    <path d="M1.45825 7.99997C2.73253 3.94288 6.52281 1 11.0004 1C15.4781 1 19.2684 3.94291 20.5426 8.00004C19.2684 12.0571 15.4781 15 11.0005 15C6.52281 15 2.73251 12.0571 1.45825 7.99997Z" stroke="#6D7C80" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/webdata/resources/fido2_auth.js

@@ -1,61 +0,0 @@
-(function() {
-  'use strict'
-
-  async function assertion(options) {
-    let credential;
-    try {
-      credential = await navigator.credentials.get({ "publicKey": options });
-    }
-    // Cancel and timeout can occur besides error
-    catch (error) {
-      console.error(`Failed to get WebAuthn credential: ${error}`);
-      throw error;
-    }
-    // as this is the last call we have to do a top-level request instead of AJAX
-    const form = document.createElement("form");
-    form.method = "POST";
-    form.style.display = "none";
-    addInput(form, "path", "/nevisfido/fido2/assertion/result")
-    addInput(form, "id", credential.id);
-    addInput(form, "type", credential.type);
-    addInput(form, "response.clientDataJSON", base64url.encode(credential.response.clientDataJSON));
-    addInput(form, "response.authenticatorData", base64url.encode(credential.response.authenticatorData));
-    addInput(form, "response.signature", base64url.encode(credential.response.signature));
-    document.body.appendChild(form);
-    form.submit();
-  }
-
-  function authenticate() {
-    // WebAuthn feature detection
-    if (!isWebAuthnSupportedByTheBrowser()) {
-      cancelFido2();
-      return;
-    };
-
-    const request = {};
-    request.path = "/nevisfido/fido2/attestation/options";
-
-    // calling nevisFIDO through nevisAuth on current URL using AJAX
-    fetch("", {
-      method: "POST",
-      headers: {
-        'Content-Type': 'application/json'
-      },
-      body: JSON.stringify(request)
-    })
-    .then(res => res.json())
-    .then(options => {
-      options.challenge = base64url.decode(options.challenge);
-      options.allowCredentials = options.allowCredentials.map((c) => {
-        c.id = base64url.decode(c.id);
-        return c;
-      });
-      return assertion(options);
-    }).catch((error) => {
-      console.error(`Error during FIDO2 authentication: ${error}`);
-      cancelFido2();
-    });
-  }
-
-  authenticate();
-})();

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/webdata/resources/fido2_auth_std.js

@@ -1,175 +0,0 @@
-(function() {
-    'use strict'
-
-    async function authenticate(username, params) {
-
-        try {
-            const { authenticationOptionsEndpoint, authenticationEndpoint, statusServiceEndpoint, userVerification, originalResource, nevisAuthEndpoint } = params;
-            const { startAuthentication } = SimpleWebAuthnBrowser;
-
-            // fetch authentication options from nevisFIDO and save the returned fido2SessionId for later use
-            const authOptRespJson = await getAuthenticationOptions(username, userVerification, nevisAuthEndpoint);
-            const fido2SessionId = authOptRespJson.fido2SessionId;
-
-            // do the client side authentication using the SimpleWebAuthn JS library
-            const authRespJson = await startAuthentication(authOptRespJson);
-
-            // in case the authentication response does not contain a userHandle (e.g. virtual authenticators used in system tests)
-            // then we have to obtain it (in our case it is the IDM extId) using the Status Service since at the moment nevisFIDO always expects it
-            if (!authRespJson.response.userHandle) {
-                const statusRespJson = await getFido2SessionStatus(fido2SessionId, statusServiceEndpoint);
-
-                if (statusRespJson && statusRespJson.userId) {
-                    console.log("adding userHandle: " + statusRespJson.userId);
-                    authRespJson.response.userHandle = btoa(statusRespJson.userId); // add missing userHandle
-                }
-                else {
-                   throw new Error('userHandle is missing and could not determine it using the status service');
-                }
-            }
-            else {
-                console.log("userHandle already set: " + authRespJson.response.userHandle);
-            }
-
-            // send the assertion response created by the authenticator to nevisFIDO
-            const serverRespJson = await submitAssertion(authRespJson, authenticationEndpoint);
-
-            // checking the server response of nevisFIDO
-            if ((!serverRespJson) || (serverRespJson && serverRespJson.status !== 'ok')) {
-                let errorMessage = (serverRespJson && serverRespJson.errorMessage) ? serverRespJson.errorMessage : 'unexpected error';
-                throw new Error('authentication failed: ' + errorMessage);
-            }
-
-            // send a request to nevisAuth with the fido2SessionId in the header to trigger the synchronisation of the
-            // nevisFIDO and nevisAuth sessions (FIDO2 AuthState -> SyncFido2SessionStatusHandler) to reach AUTH_DONE
-            await updateNevisAuth(fido2SessionId, nevisAuthEndpoint);
-
-            console.log('authentication was successful');
-
-            console.log('reloading page...');
-            window.location.reload();
-        }
-        catch (error) {
-            console.error(`Error during FIDO2 authentication: ${error}`);
-            cancelFido2();
-        }
-    };
-
-    async function getAuthenticationOptions(username, userVerification, authenticationOptionsEndpoint) {
-
-        const authOptReqJson = {
-            'username': username,
-            'userVerification': userVerification,
-        };
-
-        const authOptReq = JSON.stringify(authOptReqJson);
-        console.log('authOptReq ==> ' + authOptReq);
-
-        const authOptResp = await fetch(authenticationOptionsEndpoint, {
-            method: 'POST',
-            headers: {
-                'Content-Type': 'application/json',
-            },
-            body: authOptReq,
-        });
-
-        if (!authOptResp.ok) {
-            throw new Error('authOptResp error: HTTP ' + authOptResp.status + ' ' + authOptResp.statusText);
-        }
-
-        const authOptRespJson = await authOptResp.json()
-        console.log('authOptResp <== ' + JSON.stringify(authOptRespJson));
-
-        return authOptRespJson;
-    };
-
-    async function getFido2SessionStatus(fido2SessionId, statusServiceEndpoint) {
-
-        const statusReqJson = {
-            'fido2SessionId': fido2SessionId,
-        };
-
-        const statusReq = JSON.stringify(statusReqJson);
-        console.log('statusReq ==> ' + statusReq);
-
-        const statusResp = await fetch(statusServiceEndpoint, {
-            method: 'POST',
-            headers: {
-                'Content-Type': 'application/json',
-            },
-            body: statusReq,
-        });
-
-        if (!statusResp.ok) {
-            throw new Error('statusResp error: HTTP ' + statusResp.status + ' ' + statusResp.statusText);
-        }
-
-        const statusRespJson = await statusResp.json();
-        console.log('statusResp <== ' + JSON.stringify(statusRespJson));
-
-        return statusRespJson;
-    }
-
-    async function submitAssertion(authRespJson, authenticationEndpoint) {
-
-        console.log("submitting assertion for userHandle: " + authRespJson.response.userHandle);
-
-        // TODO koenig 20230504: read btoa once nevisFIDO is adapted
-        let encodedAuthResp = {
-            "id": authRespJson.id,
-            "response": {
-                "authenticatorData": authRespJson.response.authenticatorData,
-                "signature": authRespJson.response.signature,
-                "userHandle": authRespJson.response.userHandle,
-                "clientDataJSON": authRespJson.response.clientDataJSON
-            },
-            "type": authRespJson.type
-        }
-
-        const authResp = JSON.stringify(encodedAuthResp);
-        console.log('authResp ==> ' + authResp);
-
-        const serverResp = await fetch(authenticationEndpoint, {
-            method: 'POST',
-            headers: {
-                'Content-Type': 'application/json',
-            },
-            body: authResp,
-        });
-
-        if (!serverResp.ok) {
-            throw new Error('submitAssertion error: HTTP ' + submitAssertion.status + ' ' + submitAssertion.statusText);
-        }
-
-        const serverRespJson = await serverResp.json();
-        console.log('serverResp <== ' + JSON.stringify(serverRespJson));
-
-        return serverRespJson;
-    };
-
-    async function updateNevisAuth(fido2SessionId, nevisAuthEndpoint) {
-
-        console.log('updateNevisAuth ==> ' + fido2SessionId);
-
-        const updateNevisAuthResponse = await fetch(nevisAuthEndpoint, {
-            method: 'GET',
-            credentials: 'same-origin',
-            headers: {
-                'nevis-fido2-session-id': fido2SessionId,
-            }
-        });
-
-        if (!updateNevisAuthResponse.ok) {
-            throw new Error('updateNevisAuthResponse error: HTTP ' + updateNevisAuthResponse.status + ' ' + updateNevisAuthResponse.statusText);
-        }
-
-        console.log('updateNevisAuth <== OK');
-
-        return;
-    };
-
-    // TODO koenig 20230206: we don't generate IDs into the HTML yet
-    let username = document.getElementsByName("username")[0].value;
-    params.nevisAuthEndpoint = window.location.href;
-    authenticate(username, params);
-})();

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/webdata/resources/fido2_onboard.js

@@ -1,70 +0,0 @@
-function dispatch(name) {
-  // we have to do a top-level request instead of AJAX
-  const form = document.createElement("form");
-  form.method = "POST";
-  form.style.display = "none";
-  addInput(form, name, "true");
-  document.body.appendChild(form);
-  form.submit();
-}
-
-async function attestation(options) {
-  let credential;
-  try {
-    credential = await navigator.credentials.create({ "publicKey": options });
-  }
-  // cancel and timeout can occur besides error
-  catch (error) {
-    console.error(`Failed to create WebAuthn credential: ${error}`);
-    throw error;
-  }
-  // as this is the last call we have to do a top-level request instead of AJAX
-  const form = document.createElement("form");
-  form.method = "POST";
-  form.style.display = "none";
-  addInput(form, "path", "/nevisfido/fido2/attestation/result")
-  addInput(form, "id", credential.id);
-  addInput(form, "type", credential.type);
-  addInput(form, "response.clientDataJSON", base64url.encode(credential.response.clientDataJSON));
-  addInput(form, "response.attestationObject", base64url.encode(credential.response.attestationObject));
-  document.body.appendChild(form);
-  form.submit();
-}
-
-function start() {
-
-  if (!isWebAuthnSupportedByTheBrowser()) {
-    dispatch("unsupported");
-    return;
-  };
-
-  const request = {};
-  request.path = "/nevisfido/fido2/attestation/options";
-
-  // calling nevisFIDO through nevisAuth on current URL using AJAX
-  fetch("", {
-    method: "POST",
-    headers: {
-      'Content-Type': 'application/json'
-    },
-    body: JSON.stringify(request)
-  })
-  .then(res => res.json())
-  .then(options => {
-    options.user.id = base64url.decode(options.user.id);
-    options.challenge = base64url.decode(options.challenge);
-    if (options.excludeCredentials != null) {
-      options.excludeCredentials = options.excludeCredentials.map((c) => {
-        c.id = base64url.decode(c.id);
-        return c;
-      });
-    }
-    if (options.authenticatorSelection.authenticatorAttachment === null) {
-      options.authenticatorSelection.authenticatorAttachment = undefined;
-    }
-    return attestation(options);
-  }).catch((error) => {
-    console.log('Error during FIDO2 onboarding: ' + error);
-    dispatch("failed");
-  });
-}

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/webdata/resources/fido2_utils.js

@@ -1,40 +0,0 @@
-function addInput(form, name, value) {
-    const input = document.createElement("input");
-    input.name = name;
-    input.value = value;
-    form.appendChild(input);
-}
-
-/**
- * Checks whether WebAuthn is supported by the browser or not.
- * @return true if supported, false if it is not supported or not in secure context
- */
-function isWebAuthnSupportedByTheBrowser() {
-  if (window.isSecureContext) {
-    // This feature is available only in secure contexts in some or all supporting browsers.
-    if ('credentials' in navigator) {
-      return true;
-    }
-    console.warn('Oh no! This browser does not support WebAuthn.');
-    return false;
-  }
-  console.warn('WebAuthn feature is available only in secure contexts. For testing over HTTP, you can use the origin "localhost".');
-  return false;
-}
-
-/**
- * Trigger on cancel pattern of the FIDO2 authentication step.
- * 
- * Provides an alternative when the user decides to 
- * cancel the fido2 credential operation(create or fetch) or
- * the operation fails and the error cannot be handled.
- */
-function cancelFido2() {
-  // we have to do a top-level request instead of AJAX
-  const form = document.createElement("form");
-  form.method = "POST";
-  form.style.display = "none";
-  addInput(form, "cancel_fido2", "true");
-  document.body.appendChild(form);
-  form.submit();
-}

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/webdata/resources/icons/apple/black.svg

@@ -1 +0,0 @@
-<svg width="842" height="1e3" xmlns="http://www.w3.org/2000/svg"><path d="M702 960c-54.2 52.6-114 44.4-171 19.6-60.6-25.3-116-26.9-180 0-79.7 34.4-122 24.4-170-19.6-271-279-231-704 77-720 74.7 4 127 41.3 171 44.4 65.4-13.3 128-51.4 198-46.4 84.1 6.8 147 40 189 99.7-173 104-132 332 26.9 396-31.8 83.5-72.6 166-141 227zM423 237C414.9 113 515.4 11 631 1c15.9 143-130 250-208 236z"/></svg>

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/webdata/resources/icons/google/google.svg

@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<svg viewBox="0 0 24 24" width="24" height="24" xmlns="http://www.w3.org/2000/svg">
-  <g transform="matrix(1, 0, 0, 1, 27.009001, -39.238998)">
-    <path fill="#4285F4" d="M -3.264 51.509 C -3.264 50.719 -3.334 49.969 -3.454 49.239 L -14.754 49.239 L -14.754 53.749 L -8.284 53.749 C -8.574 55.229 -9.424 56.479 -10.684 57.329 L -10.684 60.329 L -6.824 60.329 C -4.564 58.239 -3.264 55.159 -3.264 51.509 Z"/>
-    <path fill="#34A853" d="M -14.754 63.239 C -11.514 63.239 -8.804 62.159 -6.824 60.329 L -10.684 57.329 C -11.764 58.049 -13.134 58.489 -14.754 58.489 C -17.884 58.489 -20.534 56.379 -21.484 53.529 L -25.464 53.529 L -25.464 56.619 C -23.494 60.539 -19.444 63.239 -14.754 63.239 Z"/>
-    <path fill="#FBBC05" d="M -21.484 53.529 C -21.734 52.809 -21.864 52.039 -21.864 51.239 C -21.864 50.439 -21.724 49.669 -21.484 48.949 L -21.484 45.859 L -25.464 45.859 C -26.284 47.479 -26.754 49.299 -26.754 51.239 C -26.754 53.179 -26.284 54.999 -25.464 56.619 L -21.484 53.529 Z"/>
-    <path fill="#EA4335" d="M -14.754 43.989 C -12.984 43.989 -11.404 44.599 -10.154 45.789 L -6.734 42.369 C -8.804 40.429 -11.514 39.239 -14.754 39.239 C -19.444 39.239 -23.494 41.939 -25.464 45.859 L -21.484 48.949 C -20.534 46.099 -17.884 43.989 -14.754 43.989 Z"/>
-  </g>
-</svg>

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nli/var/opt/nevislogrend/default/data/applications/MockRelam/webdata/resources/icons/microsoft/microsoft.svg

@@ -1 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" aria-label="Microsoft" role="img" viewBox="0 0 512 512"><rect width="512" height="512" rx="15%" fill="#fff"/><path d="M75 75v171h171v-171z" fill="#f25022"/><path d="M266 75v171h171v-171z" fill="#7fba00"/><path d="M75 266v171h171v-171z" fill="#00a4ef"/><path d="M266 266v171h171v-171z" fill="#ffb900"/></svg>