nevis
/
adn-post-iam-tknxchng-inv
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
adn-post-iam-tknxchng-inv/DEFAULT-ADN-POST-IAM-TKNXCH.../DEFAULT-ADN-POST-IAM-TKNXCH.../nai/var/opt/nevisauth/default/conf/esauth4.xml

339 lines
23 KiB
XML
Raw Permalink Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE esauth-server SYSTEM "/opt/nevisauth/dtd/esauth4.dtd">
<esauth-server instance="nai">
<!-- source: pattern://6ec6739e824c8e56d9633622, pattern://b67f81a971e4c08aa79040a2 -->
<SessionCoordinator sessionInitialInactivityTimeout="600" sessionInactivityTimeout="28800" sessionMaxLifetime="28800" sessionIdPreGenerate="true">
<!-- source: pattern://6ec6739e824c8e56d9633622 -->
<LocalSessionStore maxSessions="100000"/>
<!-- source: pattern://6ec6739e824c8e56d9633622 -->
<TokenAssembler name="DefaultTokenAssembler">
<Selector default="true"/>
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
<TokenSpec ttl="28800">
<!-- source: pattern://6ec6739e824c8e56d9633622 -->
<field src="session" key="ch.nevis.session.sessid" as="sessid"/>
<!-- source: pattern://6ec6739e824c8e56d9633622 -->
<field src="session" key="ch.nevis.session.userid" as="userid"/>
<!-- source: pattern://6ec6739e824c8e56d9633622 -->
<field src="session" key="ch.nevis.session.authlevel" as="authLevel"/>
<!-- source: pattern://6ec6739e824c8e56d9633622 -->
<field src="session" key="ch.nevis.session.esauthid" as="esauthid"/>
<!-- source: pattern://6ec6739e824c8e56d9633622 -->
<field src="session" key="ch.nevis.session.entryid" as="entryid"/>
<!-- source: pattern://6ec6739e824c8e56d9633622 -->
<field src="session" key="ch.nevis.session.loginid" as="loginId"/>
<!-- source: pattern://6ec6739e824c8e56d9633622 -->
<field src="session" key="ch.nevis.session.domain" as="domain"/>
<!-- source: pattern://6ec6739e824c8e56d9633622 -->
<field src="session" key="ch.nevis.session.secroles" as="roles"/>
</TokenSpec>
<!-- source: pattern://6ec6739e824c8e56d9633622 -->
<Signer key="DefaultSigner"/>
</TokenAssembler>
<!-- source: pattern://6ec6739e824c8e56d9633622 -->
<KeyStore name="DefaultKeyStore">
<!-- source: pattern://6ec6739e824c8e56d9633622 -->
<KeyObject name="DefaultSigner" certificate="/var/opt/keys/own/nai-sh4r3d-default-default-signer/cert.pem" privateKey="/var/opt/keys/own/nai-sh4r3d-default-default-signer/keystore.jks" passPhrase="pipe:///var/opt/keys/own/nai-sh4r3d-default-default-signer/keypass"/>
<!-- source: pattern://6ec6739e824c8e56d9633622 -->
<KeyObject name="DefaultSignerTrust" certificate="/var/opt/keys/trust/nai-default-default-signer-trust/truststore.jks"/>
</KeyStore>
<!-- source: pattern://d9ea344685ab4a9bb0e1e3e7 -->
<KeyStore name="JwtToken">
<!-- source: pattern://d9ea344685ab4a9bb0e1e3e7 -->
<KeyObject name="tokensigner" certificate="/var/opt/keys/own/tokensigner/cert.pem" privateKey="/var/opt/keys/own/tokensigner/keystore.jks" passPhrase="pipe:///var/opt/keys/own/tokensigner/keypass"/>
</KeyStore>
</SessionCoordinator>
<!-- source: pattern://6ec6739e824c8e56d9633622 -->
<LocalOutOfContextDataStore reaperPeriod="60"/>
<!-- source: pattern://6ec6739e824c8e56d9633622, pattern://b67f81a971e4c08aa79040a2 -->
<AuthEngine useLiteralDictionary="true" literalDictionaryLanguages="en,de,fr,it" inputLanguageCookie="LANG" compatLevel="none" addAutheLevelToSecRoles="true" classPath="/var/opt/nevisauth/default/plugin:/opt/nevisauth/plugin" propagateSession="false">
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
<Domain name="cossa_realm" default="false" inactiveInterval="7200" reauthInterval="0" resetAuthenticationCondition="${inargs:cancel}">
<Entry method="authenticate" state="cossa_realm_TokenExchangeEndpoint"/>
<Entry method="authenticate" state="cossa_realm_TokenExchangeEndpoint" selector="${request:currentResource:^http[s]?\u003A//[^/]+/token/.*$:true}"/>
<Entry method="logout" state="cossa_realm_AuthorizationServer"/>
<Entry method="logout" state="cossa_realm_AuthorizationServer" selector="${request:currentResource:^http[s]?\u003A//[^/]+/token/.*$:true}"/>
<Entry method="stepup" state="cossa_realm_Selector"/>
<Entry method="stepup" state="cossa_realm_TokenExchangeEndpoint" selector="${request:currentResource:^http[s]?\u003A//[^/]+/token/.*$:true}"/>
</Domain>
<AuthState name="cossa_realm_TokenExchangeEndpoint" class="ch.adnovum.cossa.TokenExchangeEndpoint" authLevel="auth.weak" final="false" resumeState="true">
<!-- source: pattern://89578db79d2bc15d55e11141 -->
<ResultCond name="failed" next="cossa_realm_auth_failed"/>
<!-- source: pattern://89578db79d2bc15d55e11141 -->
<ResultCond name="invalid_client" next="cossa_realm_auth_failed"/>
<!-- source: pattern://89578db79d2bc15d55e11141 -->
<ResultCond name="invalid_grant" next="cossa_realm_auth_failed"/>
<!-- source: pattern://89578db79d2bc15d55e11141 -->
<ResultCond name="invalid_request" next="cossa_realm_auth_failed"/>
<!-- source: pattern://89578db79d2bc15d55e11141 -->
<ResultCond name="invalid_scope" next="cossa_realm_auth_failed"/>
<!-- source: pattern://89578db79d2bc15d55e11141 -->
<ResultCond name="ok" next="cossa_realm_IdTokenVerification"/>
<!-- source: pattern://89578db79d2bc15d55e11141 -->
<ResultCond name="refresh_token" next="cossa_realm_RewriteRequestForAuthorizationServerAuthstate"/>
<!-- source: pattern://89578db79d2bc15d55e11141 -->
<ResultCond name="unauthorized_client" next="cossa_realm_auth_failed"/>
<!-- source: pattern://89578db79d2bc15d55e11141 -->
<ResultCond name="unsupported_grant_type" next="cossa_realm_auth_failed"/>
<!-- source: pattern://89578db79d2bc15d55e11141 -->
<Response value="AUTH_CONTINUE">
<!-- source: pattern://89578db79d2bc15d55e11141 -->
<Gui name="Default"/>
</Response>
<propertyRef name="cossa_realm_AuthorizationServer"/>
</AuthState>
<AuthState name="cossa_realm_auth_failed" class="ch.nevis.esauth.auth.states.standard.AuthError" final="false">
<!-- source: pattern://72e29eb80a951e518ce123e4 -->
<Response value="AUTH_ERROR">
<!-- source: pattern://72e29eb80a951e518ce123e4 -->
<Gui name="Error">
<!-- source: pattern://72e29eb80a951e518ce123e4 -->
<GuiElem name="info" type="error" label="error_99"/>
<!-- source: pattern://72e29eb80a951e518ce123e4 -->
<GuiElem name="submit" type="button" label="continue.button.label"/>
</Gui>
</Response>
</AuthState>
<AuthState name="cossa_realm_IdTokenVerification" class="ch.adnovum.cossa.IdTokenVerification" final="false" resumeState="false">
<!-- source: pattern://a976546c6a56dc04c0d34592 -->
<ResultCond name="failed" next="cossa_realm_auth_failed"/>
<!-- source: pattern://a976546c6a56dc04c0d34592 -->
<ResultCond name="invalid_grant" next="cossa_realm_auth_failed"/>
<!-- source: pattern://a976546c6a56dc04c0d34592 -->
<ResultCond name="ok" next="cossa_realm_klpscope"/>
<!-- source: pattern://a976546c6a56dc04c0d34592 -->
<Response value="AUTH_CONTINUE">
<!-- source: pattern://a976546c6a56dc04c0d34592 -->
<Gui name="Default"/>
</Response>
<!-- source: pattern://a976546c6a56dc04c0d34592 -->
<property name="well_known_url" value="https://login.sandbox.pre.swissid.ch/idp/oauth2/.well-known/openid-configuration"/>
<!-- source: pattern://a976546c6a56dc04c0d34592 -->
<property name="httpclient.tls.trustAll" value="true"/>
<!-- source: pattern://a976546c6a56dc04c0d34592 -->
<property name="use_caching" value="false"/>
</AuthState>
<AuthState name="cossa_realm_RewriteRequestForAuthorizationServerAuthstate" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false">
<!-- source: pattern://b6cbd53b8eee023b6d65f62d -->
<ResultCond name="ok" next="cossa_realm_AuthorizationServer"/>
<!-- source: pattern://b6cbd53b8eee023b6d65f62d -->
<Response value="AUTH_ERROR">
<!-- source: pattern://b6cbd53b8eee023b6d65f62d -->
<Arg name="ch.nevis.isiweb4.response.status" value="403"/>
</Response>
<!-- source: pattern://b6cbd53b8eee023b6d65f62d -->
<property name="inargs:grant_type" value="refresh_token"/>
<!-- source: pattern://b6cbd53b8eee023b6d65f62d -->
<property name="inargs:refresh_token" value="${inargs:subject_token}"/>
</AuthState>
<AuthState name="cossa_realm_AuthorizationServer" class="ch.nevis.esauth.auth.states.oauth2.AuthorizationServer" final="false" resumeState="true">
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<ResultCond name="authenticate:valid-authorization-request" next="cossa_realm_simulatelogin"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<ResultCond name="invalid-authorization-request" next="cossa_realm_auth_failed"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<ResultCond name="invalid-client" next="cossa_realm_JwtToken"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<ResultCond name="invalid-redirect-uri" next="cossa_realm_auth_failed"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<ResultCond name="invalid-token-request" next="cossa_realm_auth_failed"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<ResultCond name="stepup:valid-authorization-request" next="cossa_realm_simulatelogin"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="keystoreref" value="JwtToken"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="jwt.bearer.aud" value="testaudience"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="keyobjectref" value="tokensigner"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="keyID" value="tokensigner"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="openid.idTokenLifetime" value="600"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="authCodeLifetime" value="60"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="propagationScope" value="session"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="dataSource" value="nevisMeta"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="nevismeta.location" value="https://hans.agov-d.azure.adnovum.net/nevismeta/rest/modules/oauthv2/setups/Setup_00000000000000000000000000000000/entities/"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="openid.support" value="true"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="openid.issuerId" value="https://cossa.agov-w.azure.adnovum.net"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.openid" value=""/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.openid.authorizationCodeFlowPolicy" value="NO_CONSENT_REQUIRED"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.openid.refreshTokenRequestPolicy" value="NO_CONSENT_REQUIRED"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.openid.implicitFlowPolicy" value="NO_CONSENT_REQUIRED"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.openid.clientCredentialsFlowPolicy" value="true"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.offline_access" value=""/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.offline_access.authorizationCodeFlowPolicy" value="NO_CONSENT_REQUIRED"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.offline_access.refreshTokenRequestPolicy" value="NO_CONSENT_REQUIRED"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.offline_access.implicitFlowPolicy" value="NO_CONSENT_REQUIRED"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.offline_access.clientCredentialsFlowPolicy" value="true"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.address" value=""/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.address.authorizationCodeFlowPolicy" value="NO_CONSENT_REQUIRED"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.address.refreshTokenRequestPolicy" value="NO_CONSENT_REQUIRED"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.address.implicitFlowPolicy" value="NO_CONSENT_REQUIRED"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.address.clientCredentialsFlowPolicy" value="true"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.profile" value=""/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.profile.authorizationCodeFlowPolicy" value="NO_CONSENT_REQUIRED"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.profile.refreshTokenRequestPolicy" value="NO_CONSENT_REQUIRED"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.profile.implicitFlowPolicy" value="NO_CONSENT_REQUIRED"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.profile.clientCredentialsFlowPolicy" value="true"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.email" value=""/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.email.authorizationCodeFlowPolicy" value="NO_CONSENT_REQUIRED"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.email.refreshTokenRequestPolicy" value="NO_CONSENT_REQUIRED"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.email.implicitFlowPolicy" value="NO_CONSENT_REQUIRED"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.email.clientCredentialsFlowPolicy" value="true"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.phone" value=""/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.phone.authorizationCodeFlowPolicy" value="NO_CONSENT_REQUIRED"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.phone.refreshTokenRequestPolicy" value="NO_CONSENT_REQUIRED"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.phone.implicitFlowPolicy" value="NO_CONSENT_REQUIRED"/>
<!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
<property name="scope.phone.clientCredentialsFlowPolicy" value="true"/>
</AuthState>
<AuthState name="cossa_realm_klpscope" class="ch.adnovum.cossa.KLPScopeToProfileBinding" final="false" resumeState="true">
<!-- source: pattern://9c293034211ea47bd3e9c12b -->
<ResultCond name="default" next="cossa_realm_CallPolicyVerificationAPI"/>
<!-- source: pattern://9c293034211ea47bd3e9c12b -->
<Response value="AUTH_CONTINUE"/>
<!-- source: pattern://9c293034211ea47bd3e9c12b -->
<property name="prioritiesSource" value="klp-profiles.conf"/>
<!-- source: pattern://9c293034211ea47bd3e9c12b -->
<property name="profileExpression" value="oauth2.scope.${notes:scope}.metadata.klp_profile"/>
</AuthState>
<AuthState name="cossa_realm_simulatelogin" class="ch.nevis.esauth.auth.states.standard.TransformAttributes" final="false">
<!-- source: pattern://680c047dd9a5220fae3c9c3e -->
<ResultCond name="ok" next="cossa_realm_Prepare_Done"/>
<!-- source: pattern://680c047dd9a5220fae3c9c3e -->
<Response value="AUTH_ERROR">
<!-- source: pattern://680c047dd9a5220fae3c9c3e -->
<Arg name="ch.nevis.isiweb4.response.status" value="403"/>
</Response>
<!-- source: pattern://680c047dd9a5220fae3c9c3e -->
<property name="request:UserId" value="39c985c5-a1e8-4c64-8c34-aeac0cd82109"/>
<!-- source: pattern://680c047dd9a5220fae3c9c3e -->
<property name="roles:add" value="1"/>
<!-- source: pattern://680c047dd9a5220fae3c9c3e -->
<property name="session:ch.adnovum.nevisidm.clientId" value="100"/>
<!-- source: pattern://680c047dd9a5220fae3c9c3e -->
<property name="session:ch.adnovum.nevisidm.profileId" value="a6d8860a-26b7-420c-8c3d-1f531d9fd968"/>
<!-- source: pattern://680c047dd9a5220fae3c9c3e -->
<property name="session:ch.nevis.session.loginid" value="meta.admin@adnovum.ch"/>
</AuthState>
<AuthState name="cossa_realm_JwtToken" class="ch.nevis.esauth.auth.states.jwt.JWTToken" final="false" resumeState="true">
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
<ResultCond name="ok" next="cossa_realm_Prepare_Done"/>
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
<Response value="AUTH_ERROR"/>
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
<property name="out.audience" value="https://www.adnovum.ch"/>
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
<property name="out.issuer" value="https://my.nevis.server"/>
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
<property name="out.time_to_live" value="86400"/>
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
<property name="token.algorithm" value="RS256"/>
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
<property name="keystoreref" value="JwtToken"/>
<!-- source: pattern://a1e5d0192e082e689465a0c9 -->
<property name="keyobjectref" value="tokensigner"/>
</AuthState>
<AuthState name="cossa_realm_CallPolicyVerificationAPI" class="ch.adnovum.cossa.CallPolicyVerificationAPI" final="false" resumeState="false">
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
<ResultCond name="multiple_profiles" next="cossa_realm_Authentication_Failed"/>
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
<ResultCond name="no_valid_profile" next="cossa_realm_Authentication_Failed"/>
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
<ResultCond name="ok" next="cossa_realm_Prepare_Done"/>
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
<Response value="AUTH_CONTINUE">
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
<Gui name="Default"/>
</Response>
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
<property name="evaluatePoliciesForAllProfiles" value="false"/>
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
<property name="klpURL" value="https://klp.agov-w.azure.adnovum.net/api/endpoint"/>
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
<property name="basicAuthUsername" value="testbasicauth"/>
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
<property name="basicAuthPassword" value="testtesttest"/>
</AuthState>
<AuthState name="cossa_realm_Prepare_Done" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
<ResultCond name="default" next="cossa_realm_Auth_Done"/>
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
<Response value="AUTH_DONE">
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
<Gui name="ContinueResponse"/>
</Response>
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
<property name="script" value="file:///var/opt/nevisauth/default/conf/prepare_done.groovy"/>
</AuthState>
<AuthState name="cossa_realm_Authentication_Failed" class="ch.nevis.esauth.auth.states.standard.AuthError" final="false">
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
<Response value="AUTH_ERROR">
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
<Gui name="Error">
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
<GuiElem name="info" type="error" label="error_99"/>
<!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
<GuiElem name="submit" type="button" label="continue.button.label"/>
</Gui>
</Response>
</AuthState>
<AuthState name="cossa_realm_Auth_Done" class="ch.nevis.esauth.auth.states.standard.AuthDone" final="false">
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
<Response value="AUTH_DONE">
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
<Gui name="ContinueResponse"/>
</Response>
</AuthState>
<AuthState name="cossa_realm_Selector" class="ch.nevis.esauth.auth.states.standard.ConditionalDispatcherState" final="false">
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
<ResultCond name="nomatch" next="cossa_realm_Prepare_Done"/>
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
<Response value="AUTH_ERROR">
<!-- source: pattern://b67f81a971e4c08aa79040a2 -->
<Arg name="ch.nevis.isiweb4.response.status" value="403"/>
</Response>
</AuthState>
</AuthEngine>
<!-- source: pattern://b0fedec4607e1e69103b8497 -->
<RESTService name="rest" class="ch.nevis.esauth.rest.service.tokenintrospection.TokenIntrospectionService" path="/oauth/introspect2/">
<!-- source: pattern://b0fedec4607e1e69103b8497 -->
<property name="authstates" value="cossa_realm_AuthorizationServer"/>
</RESTService>
</esauth-server>
Reference in New Issue View Git Blame Copy Permalink