diff --git a/src/test/docker/directory/Dockerfile b/src/test/docker/directory/Dockerfile
index 3b2b3ec..ee92085 100644
--- a/src/test/docker/directory/Dockerfile
+++ b/src/test/docker/directory/Dockerfile
@@ -1,4 +1,4 @@
FROM osixia/openldap:1.3.0
COPY 001_eduperson.ldif /container/service/slapd/assets/config/bootstrap/ldif
-COPY 999_users.ldif /container/service/slapd/assets/config/bootstrap/ldif
\ No newline at end of file
+COPY 999_users.ldif /container/service/slapd/assets/config/bootstrap/ldif
diff --git a/src/test/docker/docker-compose.yml b/src/test/docker/docker-compose.yml
index 0d70151..c0de9bc 100644
--- a/src/test/docker/docker-compose.yml
+++ b/src/test/docker/docker-compose.yml
@@ -8,7 +8,8 @@ services:
- "--entrypoints.web-secure.address=:443"
- "--providers.file.directory=/configuration/"
- "--providers.file.watch=true"
- # - "--log.level=DEBUG"
+ - "--log.level=DEBUG"
+ - "--serversTransport.insecureSkipVerify=true"
networks:
reverse-proxy:
aliases:
@@ -28,15 +29,21 @@ services:
networks:
- idp
- grouper
+ ports:
+ - 389:389
volumes:
- directory_data:/var/lib/ldap
- directory_config:/etc/ldap/slapd.d
- - ./directory/certs:/container/service/slapd/assets/certs
+ - ./directory/certs:/tmp/certs:ro
environment:
LDAP_BASE_DN: "dc=unicon,dc=local"
LDAP_DOMAIN: "unicon.local"
HOSTNAME: "directory"
LDAP_TLS_VERIFY_CLIENT: "try"
+ LDAP_SEED_INTERNAL_LDAP_TLS_CRT_FILE: /tmp/certs/ldap.crt
+ LDAP_SEED_INTERNAL_LDAP_TLS_KEY_FILE: /tmp/certs/ldap.key
+ LDAP_SEED_INTERNAL_LDAP_TLS_CA_CRT_FILE: /tmp/certs/ca.crt
+ LDAP_SEED_INTERNAL_LDAP_TLS_DH_PARAM_FILE: /tmp/certs/dhparam.pem
database:
image: postgres
networks:
@@ -61,9 +68,11 @@ services:
networks:
- idp
- reverse-proxy
+ #ports:
+ # - 8443:443
volumes:
- - ./directory/certs/ca.crt:/opt/shibboleth-idp/credentials/ldap-server.crt
- - ./grouper/config/sp-metadata.xml:/opt/shibboleth-idp/metadata/sp-metadata.xml
+ - ./directory/certs/ca.crt:/opt/shibboleth-idp/credentials/ldap-server.crt:ro
+ - ./grouper/config/sp-metadata.xml:/opt/shibboleth-idp/metadata/sp-metadata.xml:ro
healthcheck:
disable: true
grouper-ui:
@@ -85,11 +94,17 @@ services:
volumes:
- ../../../target/grouper-authentication-plugin-0.0.1-SNAPSHOT.jar:/opt/grouper/plugins/grouper-authentication-plugin.jar
- ./grouper/config/grouper.properties:/opt/grouper/grouperWebapp/WEB-INF/classes/grouper.properties
- - ./grouper/config/grouper-ui.properties:/opt/grouper/grouperWebapp/WEB-INF/classes/grouper-ui.properties
+ ## Uncomment one of the grouper-ui.properties below depending on the authentication method
+ ## -- OIDC --
+ - ./grouper/config/grouper-ui.properties.oidc:/opt/grouper/grouperWebapp/WEB-INF/classes/grouper-ui.properties
+ ## -- SAML --
+ #- ./grouper/config/grouper-ui.properties.saml:/opt/grouper/grouperWebapp/WEB-INF/classes/grouper-ui.properties
+ ## -- CAS --
+ #- ./grouper/config/grouper-ui.properties.cas:/opt/grouper/grouperWebapp/WEB-INF/classes/grouper-ui.properties
- ./grouper/config/grouper-loader.properties:/opt/grouper/grouperWebapp/WEB-INF/classes/grouper-loader.properties
- ./grouper/config/subject.properties:/opt/grouper/grouperWebapp/WEB-INF/classes/subject.properties
- ./shibboleth-idp/opt-shibboleth-idp/metadata/idp-metadata.xml:/opt/grouper/idp-metadata.xml
- - ./grouper/cacerts:/usr/lib/jvm/java-17-amazon-corretto/lib/security/cacerts
+ - ./grouper/certs/unicon.local.pem:/opt/grouper/certs/client/unicon.local.pem
environment:
GROUPER_DATABASE_URL: "jdbc:postgresql://database/grouper"
GROUPER_DATABASE_USERNAME: "grouper"
diff --git a/src/test/docker/grouper/cacerts b/src/test/docker/grouper/cacerts
deleted file mode 100644
index fc55fe3..0000000
Binary files a/src/test/docker/grouper/cacerts and /dev/null differ
diff --git a/src/test/docker/grouper/certs/unicon.local.pem b/src/test/docker/grouper/certs/unicon.local.pem
new file mode 100644
index 0000000..8d45927
--- /dev/null
+++ b/src/test/docker/grouper/certs/unicon.local.pem
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDCDCCAfCgAwIBAgIJANdpvkovSXs6MA0GCSqGSIb3DQEBCwUAMBkxFzAVBgNV
+BAMMDioudW5pY29uLmxvY2FsMB4XDTIwMDUyNzE3MzE1OVoXDTMwMDUyNzE3MzE1
+OVowGTEXMBUGA1UEAwwOKi51bmljb24ubG9jYWwwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQCh9zduMpOqWDPfx5vHSBoWDwk44cc8XdFCD7nqi9EPHewO
+jAKCVihWKGa3OX6kQ4g6VIE7PCqdvtjq6eJ54FKuJ7FiFQweuaUXlXx5tdiWYfVe
++BV7jaLJGy0iniPgx8Pu9ajQOOINcmLwixYkTe+OBfeMgeivk0+o58/Lmkl2FyAv
+IvGA2Glxf8QtxQwHgtQLU3aHRlgi6YHSIxolvX+CuDvj4xsgLBdCphYkJtUXmaKO
+frQRxnHVxUUptWptqbwJPxrOMnIIdteRnduo+/i0RZ33+tC5W61Cr2uyoDGUzmKE
+HKgfTMxLeqJLtm+sB74xmI3Fsnq3qfWajZLqUyz5AgMBAAGjUzBRMB0GA1UdDgQW
+BBROeSN15J2wAW9OMZAdPIz84DEOsjAfBgNVHSMEGDAWgBROeSN15J2wAW9OMZAd
+PIz84DEOsjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQASo38W
+sqw8vijAs3DSYUCjFjlAvlwjsXU0y4IpelmgYSWD0Lqfb9/5jEu06F8hzLMSzmAL
+4UKIX6TwtLQb3HLvYObbjhaSSYG0Tl702dANW499QlHF/gYsCb9C6oA+5jzfHd7Y
+LS8bUv6gZkC3rP1E0kCGLJGrtvdMniAPuZ8W25SFedpR0iR7+d+lg9oOBsgjkWGc
+eKNtSJvic5dyZQCDlEzXVa3lyBOrawW9J/Sqhm0v3Tar1CVKoeXU3QV/bx7s8TWH
+YvaxQ82dOsGwZDMmPHhnJQDIQqjt2H9RJjrJy440RwyLiDr1A3/AJxrqpz98QONG
+FOhuJQXDH3YGDP7B
+-----END CERTIFICATE-----
diff --git a/src/test/docker/grouper/config/grouper-ui.properties b/src/test/docker/grouper/config/grouper-ui.properties
deleted file mode 100644
index c0c5d69..0000000
--- a/src/test/docker/grouper/config/grouper-ui.properties
+++ /dev/null
@@ -1,23 +0,0 @@
-grouper.is.extAuth.enabled = true
-external.authentication.grouperContextUrl = https://grouper-ui.unicon.local/grouper
-
-external.authentication.provider = oidc
-external.authentication.oidc.clientId = grouper
-external.authentication.oidc.discoveryURI = https://idp.unicon.local/idp/profile/oidc/configuration
-external.authentication.oidc.secret = thisisverysecret
-external.authentication.oidc.claimAsUsername = preferred_username
-
-#external.authentication.provider = saml
-#external.authentication.saml.identityProviderEntityId = https://idp.unicon.local/idp/shibboleth
-#external.authentication.saml.serviceProviderEntityId = http://localhost:8080/grouper
-#external.authentication.saml.serviceProviderMetadataPath = file:/opt/grouper/sp-metadata.xml
-#external.authentication.saml.identityProviderMetadataPath = file:/opt/grouper/idp-metadata.xml
-#external.authentication.saml.keystorePath = file:/opt/grouper/here.key
-#external.authentication.saml.keystorePassword = testme
-#external.authentication.saml.privateKeyPassword = testme
-#external.authentication.saml.attributeAsId = urn:oid:0.9.2342.19200300.100.1.1
-
-# Note for CAS: you'll need to make sure that the CAS server SSL certificate is available in the trust store
-#external.authentication.provider = cas
-#external.authentication.cas.prefixUrl = https://idp.unicon.local/idp/profile/cas
-#external.authentication.cas.protocol = CAS20
\ No newline at end of file
diff --git a/src/test/docker/grouper/config/grouper-ui.properties.cas b/src/test/docker/grouper/config/grouper-ui.properties.cas
new file mode 100644
index 0000000..214520d
--- /dev/null
+++ b/src/test/docker/grouper/config/grouper-ui.properties.cas
@@ -0,0 +1,7 @@
+grouper.is.extAuth.enabled = true
+external.authentication.grouperContextUrl = https://grouper-ui.unicon.local/grouper
+
+# Note for CAS: you'll need to make sure that the CAS server SSL certificate is available in the trust store
+external.authentication.provider = cas
+external.authentication.cas.prefixUrl = https://idp.unicon.local/idp/profile/cas
+external.authentication.cas.protocol = CAS20
diff --git a/src/test/docker/grouper/config/grouper-ui.properties.oidc b/src/test/docker/grouper/config/grouper-ui.properties.oidc
new file mode 100644
index 0000000..d491c90
--- /dev/null
+++ b/src/test/docker/grouper/config/grouper-ui.properties.oidc
@@ -0,0 +1,8 @@
+grouper.is.extAuth.enabled = true
+external.authentication.grouperContextUrl = https://grouper-ui.unicon.local/grouper
+
+external.authentication.provider = oidc
+external.authentication.oidc.clientId = grouper
+external.authentication.oidc.discoveryURI = https://idp.unicon.local/idp/profile/oidc/configuration
+external.authentication.oidc.secret = thisisverysecret
+external.authentication.oidc.claimAsUsername = preferred_username
diff --git a/src/test/docker/grouper/config/grouper-ui.properties.saml b/src/test/docker/grouper/config/grouper-ui.properties.saml
new file mode 100644
index 0000000..5416ec1
--- /dev/null
+++ b/src/test/docker/grouper/config/grouper-ui.properties.saml
@@ -0,0 +1,12 @@
+grouper.is.extAuth.enabled = true
+external.authentication.grouperContextUrl = https://grouper-ui.unicon.local/grouper
+
+external.authentication.provider = saml
+external.authentication.saml.identityProviderEntityId = https://idp.unicon.local/idp/shibboleth
+external.authentication.saml.serviceProviderEntityId = http://localhost:8080/grouper
+external.authentication.saml.serviceProviderMetadataPath = file:/opt/grouper/sp-metadata.xml
+external.authentication.saml.identityProviderMetadataPath = file:/opt/grouper/idp-metadata.xml
+external.authentication.saml.keystorePath = file:/opt/grouper/here.key
+external.authentication.saml.keystorePassword = testme
+external.authentication.saml.privateKeyPassword = testme
+external.authentication.saml.attributeAsId = urn:oid:0.9.2342.19200300.100.1.1
diff --git a/src/test/docker/shibboleth-idp/Dockerfile b/src/test/docker/shibboleth-idp/Dockerfile
index 4099cc3..36d46a0 100644
--- a/src/test/docker/shibboleth-idp/Dockerfile
+++ b/src/test/docker/shibboleth-idp/Dockerfile
@@ -1,42 +1,61 @@
-FROM amazoncorretto:17 as install
-
-ARG TOMCAT_VERSION=10.1.15
-
-COPY keys/* /tmp/keys/
-
-RUN yum install -y tar gzip
-
-RUN gpg --import /tmp/keys/TOMCAT_PGP_KEYS
-
-RUN curl -L https://archive.apache.org/dist/tomcat/tomcat-10/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz -o apache-tomcat-$TOMCAT_VERSION.tar.gz \
- && curl https://archive.apache.org/dist/tomcat/tomcat-10/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc -o apache-tomcat-$TOMCAT_VERSION.tar.gz.asc \
- && gpg --verify apache-tomcat-$TOMCAT_VERSION.tar.gz.asc apache-tomcat-$TOMCAT_VERSION.tar.gz \
- && tar -zxvf apache-tomcat-$TOMCAT_VERSION.tar.gz -C /opt \
- && rm apache-tomcat-$TOMCAT_VERSION.tar.gz \
- && mv /opt/apache-tomcat-$TOMCAT_VERSION/ /opt/tomcat \
- && rm -rf /opt/tomcat/webapps/*
-
-FROM amazoncorretto:17 as shib-setup
-
-RUN yum install -y dos2unix
-
-COPY opt-shibboleth-idp /opt/shibboleth-idp/
-
-RUN dos2unix /opt/shibboleth-idp/bin/*.sh \
- && chmod +x /opt/shibboleth-idp/bin/*.sh
-
-FROM amazoncorretto:17 as prod
-
-COPY --from=install /opt/tomcat /opt/tomcat/
-
-COPY --from=shib-setup /opt/shibboleth-idp /opt/shibboleth-idp/
-
-COPY tomcat/idp.xml /opt/tomcat/conf/Catalina/localhost/
-COPY tomcat/server.xml /opt/tomcat/conf/
-COPY tomcat/setenv.sh /opt/tomcat/bin/
-
-ENTRYPOINT /opt/shibboleth-idp/bin/build.sh && /opt/tomcat/bin/catalina.sh run
-
-FROM prod as dev
-
-FROM prod
\ No newline at end of file
+FROM tier/shib-idp:4.3.1_20231218
+
+WORKDIR /opt/shibboleth-idp
+
+COPY plugin-truststore/net.shibboleth.oidc.common/truststore.asc /opt/shibboleth-idp/credentials/net.shibboleth.oidc.common/
+COPY plugin-truststore/net.shibboleth.idp.plugin.oidc.config/truststore.asc /opt/shibboleth-idp/credentials/net.shibboleth.idp.plugin.oidc.config/
+COPY plugin-truststore/net.shibboleth.idp.plugin.oidc.op/truststore.asc /opt/shibboleth-idp/credentials/net.shibboleth.idp.plugin.oidc.op/
+
+RUN bin/plugin.sh --noPrompt -I net.shibboleth.oidc.common \
+ && bin/plugin.sh --noPrompt -I net.shibboleth.idp.plugin.oidc.config \
+ && bin/plugin.sh --noPrompt -I net.shibboleth.idp.plugin.oidc.op
+
+COPY tomcat/server.xml /usr/local/tomcat/conf/
+
+COPY opt-shibboleth-idp/ /opt/shibboleth-idp/
+
+EXPOSE 8080
+
+
+#FROM amazoncorretto:17 as install
+#
+#ARG TOMCAT_VERSION=10.1.15
+#
+#COPY keys/* /tmp/keys/
+#
+#RUN yum install -y tar gzip
+#
+#RUN gpg --import /tmp/keys/TOMCAT_PGP_KEYS
+#
+#RUN curl -L https://archive.apache.org/dist/tomcat/tomcat-10/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz -o apache-tomcat-$TOMCAT_VERSION.tar.gz \
+# && curl https://archive.apache.org/dist/tomcat/tomcat-10/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc -o apache-tomcat-$TOMCAT_VERSION.tar.gz.asc \
+# && gpg --verify apache-tomcat-$TOMCAT_VERSION.tar.gz.asc apache-tomcat-$TOMCAT_VERSION.tar.gz \
+# && tar -zxvf apache-tomcat-$TOMCAT_VERSION.tar.gz -C /opt \
+# && rm apache-tomcat-$TOMCAT_VERSION.tar.gz \
+# && mv /opt/apache-tomcat-$TOMCAT_VERSION/ /opt/tomcat \
+# && rm -rf /opt/tomcat/webapps/*
+#
+#FROM amazoncorretto:17 as shib-setup
+#
+#RUN yum install -y dos2unix
+#
+#COPY opt-shibboleth-idp /opt/shibboleth-idp/
+#
+#RUN dos2unix /opt/shibboleth-idp/bin/*.sh \
+# && chmod +x /opt/shibboleth-idp/bin/*.sh
+#
+#FROM amazoncorretto:17 as prod
+#
+#COPY --from=install /opt/tomcat /opt/tomcat/
+#
+#COPY --from=shib-setup /opt/shibboleth-idp /opt/shibboleth-idp/
+#
+#COPY tomcat/idp.xml /opt/tomcat/conf/Catalina/localhost/
+#COPY tomcat/server.xml /opt/tomcat/conf/
+#COPY tomcat/setenv.sh /opt/tomcat/bin/
+#
+#ENTRYPOINT /opt/shibboleth-idp/bin/build.sh && /opt/tomcat/bin/catalina.sh run
+#
+#FROM prod as dev
+#
+#FROM prod
\ No newline at end of file
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/aacli.sh b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/aacli.sh
deleted file mode 100644
index cad1f70..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/aacli.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/usr/bin/env bash
-
-declare LOCATION
-
-LOCATION=$(dirname $0)
-
-$LOCATION/runclass.sh -Dnet.shibboleth.idp.cli.arguments=net.shibboleth.idp.cli.ResolverTestArguments \
- net.shibboleth.idp.cli.CLI "$@"
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/build.sh b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/build.sh
deleted file mode 100644
index bd703f9..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/build.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/usr/bin/env bash
-
-declare LOCATION
-
-LOCATION=$(dirname $0)
-
-$LOCATION/runclass.sh net.shibboleth.idp.installer.impl.IdPBuildWar --ansi --home "$LOCATION/.." "$@"
-
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/dumpconfig.sh b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/dumpconfig.sh
deleted file mode 100644
index 3591267..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/dumpconfig.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/usr/bin/env bash
-
-declare LOCATION
-
-LOCATION=$(dirname $0)
-
-$LOCATION/runclass.sh -Dnet.shibboleth.idp.cli.arguments=net.shibboleth.idp.cli.DumpConfigArguments \
- net.shibboleth.idp.cli.CLI "$@"
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/issue-access-token.bat b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/issue-access-token.bat
deleted file mode 100644
index 8c84d60..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/issue-access-token.bat
+++ /dev/null
@@ -1,4 +0,0 @@
-@echo off
-setlocal
-
-"%~dp0\runclass.bat" -Dnet.shibboleth.idp.cli.arguments=net.shibboleth.idp.plugin.oidc.op.cli.IssueRegistrationAccessTokenArguments net.shibboleth.idp.cli.CLI %*
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/issue-access-token.sh b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/issue-access-token.sh
deleted file mode 100644
index 2419aab..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/issue-access-token.sh
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/usr/bin/env bash
-
-declare LOCATION
-
-LOCATION=$(dirname $0)
-
-$LOCATION/runclass.sh \
- -Dnet.shibboleth.idp.cli.arguments=net.shibboleth.idp.plugin.oidc.op.cli.IssueRegistrationAccessTokenArguments \
- net.shibboleth.idp.cli.CLI "$@"
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/jwtgen.bat b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/jwtgen.bat
deleted file mode 100644
index 8dd753f..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/jwtgen.bat
+++ /dev/null
@@ -1,4 +0,0 @@
-@echo off
-setlocal
-
-"%~dp0\runclass.bat" -jar %~dp0\lib\json-web-key-generator-0.8.2-jar-with-dependencies.jar %*
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/jwtgen.sh b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/jwtgen.sh
deleted file mode 100644
index d7b97b7..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/jwtgen.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/usr/bin/env bash
-
-declare LOCATION
-
-LOCATION=$(dirname $0)
-
-$LOCATION/runclass.sh '-jar' $LOCATION/lib/json-web-key-generator-0.8.2-jar-with-dependencies.jar "$@"
\ No newline at end of file
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/keygen.sh b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/keygen.sh
deleted file mode 100644
index 7e4ad7a..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/keygen.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/usr/bin/env bash
-
-declare LOCATION
-
-LOCATION=$(dirname $0)
-
-$LOCATION/runclass.sh net.shibboleth.shared.security.impl.SelfSignedCertificateGenerator "$@"
\ No newline at end of file
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/lib/json-web-key-generator-0.8.2-jar-with-dependencies.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/lib/json-web-key-generator-0.8.2-jar-with-dependencies.jar
deleted file mode 100644
index c697d8a..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/lib/json-web-key-generator-0.8.2-jar-with-dependencies.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/mdquery.sh b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/mdquery.sh
deleted file mode 100644
index 06c64a0..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/mdquery.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/usr/bin/env bash
-
-declare LOCATION
-
-LOCATION=$(dirname $0)
-
-$LOCATION/runclass.sh -Dnet.shibboleth.idp.cli.arguments=net.shibboleth.idp.cli.MetadataQueryArguments \
- net.shibboleth.idp.cli.CLI "$@"
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/module.sh b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/module.sh
deleted file mode 100644
index a0b872a..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/module.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/usr/bin/env bash
-
-declare LOCATION
-
-LOCATION=$(dirname $0)
-
-$LOCATION/runclass.sh net.shibboleth.idp.cli.impl.ModuleManagerCLI --ansi --home "$LOCATION/.." "$@"
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/oidc-clients.bat b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/oidc-clients.bat
deleted file mode 100644
index e427988..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/oidc-clients.bat
+++ /dev/null
@@ -1,4 +0,0 @@
-@echo off
-setlocal
-
-"%~dp0\runclass.bat" -Dnet.shibboleth.idp.cli.arguments=net.shibboleth.idp.plugin.oidc.op.cli.ClientManagementArguments net.shibboleth.idp.cli.CLI %*
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/oidc-clients.sh b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/oidc-clients.sh
deleted file mode 100644
index b6b6b35..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/oidc-clients.sh
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/usr/bin/env bash
-
-declare LOCATION
-
-LOCATION=$(dirname $0)
-
-$LOCATION/runclass.sh \
- -Dnet.shibboleth.idp.cli.arguments=net.shibboleth.idp.plugin.oidc.op.cli.ClientManagementArguments \
- net.shibboleth.idp.cli.CLI "$@"
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/plugin.sh b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/plugin.sh
deleted file mode 100644
index bed28d8..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/plugin.sh
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/usr/bin/env bash
-
-declare LOCATION
-declare NO_PLUGIN_WEBAPP
-
-LOCATION=$(dirname $0)
-NO_PLUGIN_WEBAPP="TRUE"
-export NO_PLUGIN_WEBAPP
-
-$LOCATION/runclass.sh net.shibboleth.idp.installer.plugin.impl.PluginInstallerCLI --home "$LOCATION/.." "$@"
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/reload-metadata.sh b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/reload-metadata.sh
deleted file mode 100644
index 381ee3d..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/reload-metadata.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/usr/bin/env bash
-
-declare LOCATION
-
-LOCATION=$(dirname $0)
-
-$LOCATION/runclass.sh -Dnet.shibboleth.idp.cli.arguments=net.shibboleth.idp.cli.ReloadMetadataArguments \
- net.shibboleth.idp.cli.CLI "$@"
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/reload-service.sh b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/reload-service.sh
deleted file mode 100644
index b572187..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/reload-service.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/usr/bin/env bash
-
-declare LOCATION
-
-LOCATION=$(dirname $0)
-
-$LOCATION/runclass.sh -Dnet.shibboleth.idp.cli.arguments=net.shibboleth.idp.cli.ReloadServiceArguments \
- net.shibboleth.idp.cli.CLI "$@"
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/runclass.sh b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/runclass.sh
deleted file mode 100644
index 807fbc3..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/runclass.sh
+++ /dev/null
@@ -1,57 +0,0 @@
-#!/usr/bin/env bash
-
-declare LOCATION
-declare COMMAND
-declare JAVACMD
-declare LOCALCLASSPATH
-declare LIBDIR
-
-LOCATION=$(dirname $0)
-
-if [ -z "$JAVACMD" ] ; then
- if [ -n "$JAVA_HOME" ] ; then
- if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
- # IBM's JDK on AIX uses strange locations for the executables
- JAVACMD=$JAVA_HOME/jre/sh/java
- else
- JAVACMD=$JAVA_HOME/bin/java
- fi
- else
- JAVACMD=$(which java)
- fi
-fi
-
-if [ ! -x "$JAVACMD" ] ; then
- echo "Error: JAVA_HOME is not defined correctly."
- echo " We cannot execute $JAVACMD"
- exit 1
-fi
-
-if [ -n "$CLASSPATH" ] ; then
- LOCALCLASSPATH=$CLASSPATH
-fi
-
-if [ -z "$IDP_BASE_URL" ] ; then
- IDP_BASE_URL="http://localhost/idp"
-fi
-
-# add in the dependency .jar files
-
-LOCALCLASSPATH="$LOCATION/../dist/webapp/WEB-INF/lib/*":$LOCALCLASSPATH
-if [ -z "$NO_PLUGIN_WEBAPP" ] ; then
- LOCALCLASSPATH="$LOCATION/../dist/plugin-webapp/WEB-INF/lib/*":$LOCALCLASSPATH
-fi
-LOCALCLASSPATH="$LOCATION/../edit-webapp/WEB-INF/lib/*":$LOCALCLASSPATH
-LOCALCLASSPATH="$LOCATION/../dist/binlib/*":$LOCALCLASSPATH
-
-if [ -n "$JAVA_HOME" ] ; then
- if [ -f "$JAVA_HOME/lib/tools.jar" ] ; then
- LOCALCLASSPATH=$LOCALCLASSPATH:$JAVA_HOME/lib/tools.jar
- fi
-
- if [ -f "$JAVA_HOME/lib/classes.zip" ] ; then
- LOCALCLASSPATH=$LOCALCLASSPATH:$JAVA_HOME/lib/classes.zip
- fi
-fi
-
-"$JAVACMD" '-classpath' "$LOCALCLASSPATH" $JAVA_OPTS -Dnet.shibboleth.idp.cli.baseURL=$IDP_BASE_URL "$@" $SHIB_OPTS
\ No newline at end of file
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/sealer.sh b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/sealer.sh
deleted file mode 100644
index 1f09ed0..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/sealer.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/usr/bin/env bash
-
-declare LOCATION
-
-LOCATION=$(dirname $0)
-
-$LOCATION/runclass.sh net.shibboleth.idp.cli.DataSealerCLI "$@"
\ No newline at end of file
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/seckeygen.sh b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/seckeygen.sh
deleted file mode 100644
index 67b22f9..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/seckeygen.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/usr/bin/env bash
-
-declare LOCATION
-
-LOCATION=$(dirname $0)
-
-$LOCATION/runclass.sh net.shibboleth.shared.security.impl.BasicKeystoreKeyStrategyTool "$@"
\ No newline at end of file
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/status.sh b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/status.sh
deleted file mode 100644
index ddbe171..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/status.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/usr/bin/env bash
-
-declare LOCATION
-
-LOCATION=$(dirname $0)
-
-$LOCATION/runclass.sh -Dnet.shibboleth.idp.cli.arguments=net.shibboleth.idp.cli.StatusArguments \
- net.shibboleth.idp.cli.CLI "$@"
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/update.sh b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/update.sh
deleted file mode 100644
index 42e7699..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/update.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/usr/bin/env bash
-
-declare LOCATION
-
-LOCATION=$(dirname $0)
-
-$LOCATION/runclass.sh net.shibboleth.idp.installer.impl.UpdateIdPCLI --ansi --home "$LOCATION/.." "$@"
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/version.sh b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/version.sh
deleted file mode 100644
index 6a49ceb..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/bin/version.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/usr/bin/env bash
-
-declare LOCATION
-
-LOCATION=$(dirname $0)
-
-$LOCATION/runclass.sh net.shibboleth.idp.Version
\ No newline at end of file
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/admin/admin.properties b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/admin/admin.properties
deleted file mode 100644
index efda4ce..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/admin/admin.properties
+++ /dev/null
@@ -1,89 +0,0 @@
-# Configure properties controlling administrative features
-
-#idp.status.logging = Status
-#idp.status.accessPolicy = AccessByIPAddress
-#idp.status.authenticated = false
-#idp.status.nonBrowserSupported = false
-#idp.status.defaultAuthenticationMethods =
-#idp.status.resolveAttributes = false
-#idp.status.postAuthenticationFlows =
-
-#idp.reload.logging = Reload
-#idp.reload.accessPolicy = AccessByIPAddress
-#idp.reload.authenticated = false
-#idp.reload.nonBrowserSupported = false
-#idp.reload.defaultAuthenticationMethods =
-#idp.reload.resolveAttributes = false
-#idp.reload.postAuthenticationFlows =
-
-#idp.resolvertest.logging = ResolverTest
-#idp.resolvertest.accessPolicy = AccessByIPAddress
-#idp.resolvertest.authenticated = false
-#idp.resolvertest.nonBrowserSupported = false
-#idp.resolvertest.defaultAuthenticationMethods =
-#idp.resolvertest.resolveAttributes = false
-#idp.resolvertest.postAuthenticationFlows =
-
-#idp.dumpconfig.logging = DumpConfig
-#idp.dumpconfig.accessPolicy = AccessByIPAddress
-#idp.dumpconfig.authenticated = false
-#idp.dumpconfig.nonBrowserSupported = false
-#idp.dumpconfig.defaultAuthenticationMethods =
-#idp.dumpconfig.resolveAttributes = false
-#idp.dumpconfig.postAuthenticationFlows =
-
-#idp.mdquery.logging = MetadataQuery
-#idp.mdquery.accessPolicy = AccessByIPAddress
-#idp.mdquery.authenticated = false
-#idp.mdquery.nonBrowserSupported = false
-#idp.mdquery.defaultAuthenticationMethods =
-#idp.mdquery.resolveAttributes = false
-#idp.mdquery.postAuthenticationFlows =
-
-#idp.metrics.logging = Metrics
-#idp.metrics.authenticated = false
-#idp.metrics.nonBrowserSupported = false
-#idp.metrics.defaultAuthenticationMethods =
-#idp.metrics.resolveAttributes = false
-#idp.metrics.postAuthenticationFlows =
-# See admin/metrics.xml for other configuration
-
-#idp.hello.logging = Hello
-idp.hello.accessPolicy = AccessByIPAddress
-#idp.hello.authenticated = true
-#idp.hello.nonBrowserSupported = false
-#idp.hello.defaultAuthenticationMethods =
-#idp.hello.resolveAttributes = true
-#idp.hello.postAuthenticationFlows =
-
-#idp.lockout.logging = Lockout
-#idp.lockout.accessPolicy = AccessDenied
-#idp.lockout.authenticated = false
-#idp.lockout.nonBrowserSupported = false
-#idp.lockout.defaultAuthenticationMethods =
-#idp.lockout.resolveAttributes = false
-#idp.lockout.postAuthenticationFlows =
-
-#idp.revocation.logging = Revocation
-#idp.revocation.accessPolicy = AccessDenied
-#idp.revocation.authenticated = false
-#idp.revocation.nonBrowserSupported = false
-#idp.revocation.defaultAuthenticationMethods =
-#idp.revocation.resolveAttributes = false
-#idp.revocation.postAuthenticationFlows =
-
-#idp.storage.logging = Storage
-#idp.storage.accessPolicy = AccessDenied
-#idp.storage.authenticated = false
-#idp.storage.nonBrowserSupported = false
-#idp.storage.defaultAuthenticationMethods =
-#idp.storage.resolveAttributes = false
-#idp.storage.postAuthenticationFlows =
-
-#idp.unlock-keys.logging = UnlockKeys
-#idp.unlock-keys.accessPolicy = AccessDenied
-#idp.unlock-keys.authenticated = true
-#idp.unlock-keys.nonBrowserSupported = false
-#idp.unlock-keys.defaultAuthenticationMethods =
-#idp.unlock-keys.resolveAttributes = false
-#idp.unlock-keys.postAuthenticationFlows =
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/admin/metrics.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/admin/metrics.xml
deleted file mode 100644
index 7ac0735..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/admin/metrics.xml
+++ /dev/null
@@ -1,147 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:util="http://www.springframework.org/schema/util" xmlns:p="http://www.springframework.org/schema/p"
- xmlns:c="http://www.springframework.org/schema/c" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
- http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-
- default-init-method="initialize"
- default-destroy-method="destroy">
-
- <!-- Metrics enablement / activation. -->
-
- <!--
- Register one or more of the built-in system metric sets available.
- -->
-
- <bean parent="shibboleth.metrics.RegisterMetricSets">
- <property name="arguments">
- <list>
- <ref bean="shibboleth.metrics.CoreGaugeSet" />
- <ref bean="shibboleth.metrics.IdPGaugeSet" />
- <ref bean="shibboleth.metrics.LoggingGaugeSet" />
- <ref bean="shibboleth.metrics.AccessControlGaugeSet" />
- <ref bean="shibboleth.metrics.MetadataGaugeSet" />
- <ref bean="shibboleth.metrics.NameIdentifierGaugeSet" />
- <ref bean="shibboleth.metrics.RelyingPartyGaugeSet" />
- <ref bean="shibboleth.metrics.AttributeRegistryGaugeSet" />
- <ref bean="shibboleth.metrics.AttributeResolverGaugeSet" />
- <ref bean="shibboleth.metrics.AttributeFilterGaugeSet" />
- <ref bean="shibboleth.metrics.CASServiceRegistryGaugeSet" />
- <ref bean="shibboleth.metrics.ManagedBeanGaugeSet" />
- <ref bean="shibboleth.metrics.ModuleGaugeSet" />
-
- <!-- Note that this accesses remote "state" regarding IdP and plugin updates. -->
- <ref bean="shibboleth.metrics.InstallableComponents" />
-
- <!--
- <bean class="com.codahale.metrics.jvm.CachedThreadStatesGaugeSet"
- c:_0="1" c:_1="#{T(java.util.concurrent.TimeUnit).MINUTES}" />
- <bean class="com.codahale.metrics.jvm.ClassLoadingGaugeSet" />
- <bean class="com.codahale.metrics.jvm.GarbageCollectorMetricSet" />
- <bean class="com.codahale.metrics.jvm.MemoryUsageGaugeSet" />
- -->
- </list>
- </property>
- </bean>
-
- <!-- Metrics REST API Configuration -->
-
- <!--
- The global metric set is available by default at /idp/profile/admin/metrics
-
- Any pathinfo after that is assumed to identify specific named metrics. You can
- create mappings here between a logical "group" name and an implementation of the
- com.codahale.metrics.MetricFilter interface to specify which metrics to include.
- -->
- <util:map id="shibboleth.metrics.MetricGroups">
- <entry key="core" value-ref="shibboleth.metrics.CoreGaugeSet" />
- <entry key="idp" value-ref="shibboleth.metrics.IdPGaugeSet" />
- <entry key="updates" value-ref="shibboleth.metrics.InstallableComponents" />
- <entry key="logging" value-ref="shibboleth.metrics.LoggingGaugeSet" />
- <entry key="access" value-ref="shibboleth.metrics.AccessControlGaugeSet" />
- <entry key="metadata" value-ref="shibboleth.metrics.MetadataGaugeSet" />
- <entry key="nameid" value-ref="shibboleth.metrics.NameIdentifierGaugeSet" />
- <entry key="relyingparty" value-ref="shibboleth.metrics.RelyingPartyGaugeSet" />
- <entry key="registry" value-ref="shibboleth.metrics.AttributeRegistryGaugeSet" />
- <entry key="resolver" value-ref="shibboleth.metrics.AttributeResolverGaugeSet" />
- <entry key="filter" value-ref="shibboleth.metrics.AttributeFilterGaugeSet" />
- <entry key="cas" value-ref="shibboleth.metrics.CASServiceRegistryGaugeSet" />
- <entry key="bean" value-ref="shibboleth.metrics.ManagedBeanGaugeSet" />
- </util:map>
-
- <!-- Add any desired properties into set to expose them as IdP metrics. -->
- <!--
- <util:set id="shibboleth.metrics.ExposedProperties">
- <value>idp.entityID</value>
- </util:set>
- -->
-
- <!-- If you don't specify an alternate access policy, this named policy will be enforced. -->
- <bean id="shibboleth.metrics.DefaultAccessPolicy" class="java.lang.String" c:_0="AccessByIPAddress" />
-
- <!--
- To override the default access policy, map a metric name or
- mapped group above to an alternative policy name.
- -->
- <util:map id="shibboleth.metrics.AccessPolicyMap">
-
- </util:map>
-
- <!--
- In addition to the "pull" REST API for accessing metrics, a "push" reporter is also
- available to upload a JSON feed to a URL. The example shown relies on standard JVM
- trust configuration for TLS server verification.
-
- The "start" method triggers the timer thread; the example pushes every 30 minutes.
- -->
- <!--
- <bean id="PushReporter" parent="shibboleth.metrics.HTTPReporter" c:name="MyCollector"
- p:collectorURL="https://log.example.org/cgi-bin/collector.cgi" />
-
- <bean class="org.springframework.beans.factory.config.MethodInvokingBean"
- p:targetObject-ref="PushReporter"
- p:targetMethod="start">
- <property name="arguments">
- <list>
- <value>30</value>
- <util:constant static-field="java.util.concurrent.TimeUnit.MINUTES" />
- </list>
- </property>
- </bean>
- -->
-
- <!-- IdP Metrics Configuration -->
-
- <!--
- A bean named shibboleth.metrics.MetricStrategy of type Function<ProfileRequestContext,Boolean>
- can be defined to add timers and counters to a large range of objects in the system. Each timer is
- defined by a triple (timer name, start object, stop object). Counters are just object/counter pairs.
-
- The most common example is to start a timer when a particular flow action bean starts and
- stop it when the same or different action bean stops, to measure how long the execution takes.
-
- If you want to leave a timer in place but disabled to prevent overhead, you can turn off a
- logging category named "metrics.<timername>" in your logging configuration.
- -->
- <!--
- <bean id="shibboleth.metrics.MetricStrategy" parent="shibboleth.ContextFunctions.Scripted"
- factory-method="inlineScript">
- <constructor-arg>
- <value>
- <![CDATA[
- metricCtx = input.getSubcontext("org.opensaml.profile.context.MetricContext");
- metricCtx.addTimer("idp.attribute.resolution",
- "ResolveAttributes",
- "FilterAttributes"
- );
- true; // Signals success.
- ]]>
- </value>
- </constructor-arg>
- </bean>
- -->
-
-</beans>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attribute-registry.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attribute-registry.xml
deleted file mode 100644
index 133930b..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attribute-registry.xml
+++ /dev/null
@@ -1,29 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:util="http://www.springframework.org/schema/util"
- xmlns:p="http://www.springframework.org/schema/p"
- xmlns:c="http://www.springframework.org/schema/c"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
- http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-
- default-init-method="initialize"
- default-destroy-method="destroy">
-
- <!--
- The system comes preconfigured to load rules directly from resource files
- configured in services.xml so they're monitored for changes.
-
- You can add mappings here, add more XML resource files, or drop property
- files into the directory noted below, but they won't be monitored for changes
- themselves.
- -->
-
- <!-- Default directory for custom mappings. -->
- <bean parent="shibboleth.TranscodingRuleLoader"
- c:dir="%{idp.home}/conf/attributes/custom"
- c:extensions="#{{'.txt', '.props', '.properties', '.rule'}}" />
-
-</beans>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attributes/custom/README b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attributes/custom/README
deleted file mode 100644
index 98977b0..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attributes/custom/README
+++ /dev/null
@@ -1,9 +0,0 @@
-# You can create custom attribute mapping rules using
-# simple property files stored in this directory tree.
-# Spring property replacement is NOT supported.
-
-# As an example, a default SAML 2 rule for eduPersonPrincipalName would be:
-
-#id=eduPersonPrincipalName
-#transcoder=SAML2ScopedStringTranscoder
-#saml2.name=urn:oid:1.3.6.1.4.1.5923.1.1.1.6
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attributes/eduCourse.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attributes/eduCourse.xml
deleted file mode 100644
index 96341c3..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attributes/eduCourse.xml
+++ /dev/null
@@ -1,57 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:util="http://www.springframework.org/schema/util"
- xmlns:p="http://www.springframework.org/schema/p"
- xmlns:c="http://www.springframework.org/schema/c"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
- http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-
- default-init-method="initialize"
- default-destroy-method="destroy">
-
- <!--
- Note that all built-in rules rely on URI-naming and thus include the implied settings:
-
- <prop key="saml2.nameFormat">urn:oasis:names:tc:SAML:2.0:attrname-format:uri</prop>
- <prop key="saml1.namespace">urn:mace:shibboleth:1.0:attributeNamespace:uri</prop>
- -->
-
- <bean parent="shibboleth.TranscodingRuleLoader">
- <constructor-arg>
- <list>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">eduCourseOffering</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.5923.1.6.1.1</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.5923.1.6.1.1</prop>
- <prop key="displayName.en">Course offering</prop>
- <prop key="description.en">Unique identifier for a course offering</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">eduCourseMember</prop>
- <prop key="transcoder">SAML2ScopedStringTranscoder SAML1ScopedStringTranscoder CASScopedStringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.5923.1.6.1.2</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.5923.1.6.1.2</prop>
- <prop key="saml1.encodeType">false</prop>
- <prop key="displayName.en">Course role</prop>
- <prop key="description.en">Specifies the person's role within a particular course offering</prop>
- </props>
- </property>
- </bean>
-
- </list>
- </constructor-arg>
- </bean>
-
-</beans>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attributes/eduPerson.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attributes/eduPerson.xml
deleted file mode 100644
index 115967c..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attributes/eduPerson.xml
+++ /dev/null
@@ -1,309 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:util="http://www.springframework.org/schema/util"
- xmlns:p="http://www.springframework.org/schema/p"
- xmlns:c="http://www.springframework.org/schema/c"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
- http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-
- default-init-method="initialize"
- default-destroy-method="destroy">
-
- <!--
- Note that all built-in rules rely on URI-naming and thus include the implied settings:
-
- <prop key="saml2.nameFormat">urn:oasis:names:tc:SAML:2.0:attrname-format:uri</prop>
- <prop key="saml1.namespace">urn:mace:shibboleth:1.0:attributeNamespace:uri</prop>
- -->
-
- <bean parent="shibboleth.TranscodingRuleLoader">
- <constructor-arg>
- <list>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">eduPersonAffiliation</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.5923.1.1.1.1</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:eduPersonAffiliation</prop>
- <prop key="displayName.en">Affiliation</prop>
- <prop key="displayName.de">Zugehörigkeit</prop>
- <prop key="displayName.fr">Affiliation</prop>
- <prop key="displayName.it">Affiliazione</prop>
- <prop key="displayName.ja">職位</prop>
- <prop key="description.en">Affiliation: Type of affiliation with Home Organization</prop>
- <prop key="description.de">Art der Zugehörigkeit zur Heimatorganisation</prop>
- <prop key="description.de-ch">Art der Zugehörigkeit zur Heimorganisation</prop>
- <prop key="description.fr">Type d'affiliation dans l'organisation</prop>
- <prop key="description.it">Affiliazione: Tipo di affiliazione presso l'organizzazione</prop>
- <prop key="description.ja">所属機関における職位(faculty,staff,student,memberなど)</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">eduPersonAssurance</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.5923.1.1.1.11</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:eduPersonAssurance</prop>
- <prop key="displayName.en">Assurance level</prop>
- <prop key="displayName.de">Vertrauensgrad</prop>
- <prop key="displayName.fr">Niveau de confiance</prop>
- <prop key="displayName.it">Livello di garanzia dell'identita'</prop>
- <prop key="displayName.ja">保証レベル</prop>
- <prop key="description.en">Set of URIs that assert compliance with specific standards for identity assurance</prop>
- <prop key="description.de">URIs die eine gewisse Zusicherung für spezifische Standards des Vertrauens beinhalten</prop>
- <prop key="description.fr">Un ensemble d'URI qui attestent la conformité selon un standard pour les niveaux d'assurance d'identités</prop>
- <prop key="description.it">Un insieme di URI che asseriscono l'osservanza dei livelli di garanzia dell'identita'</prop>
- <prop key="description.ja">IDの保証レベルに関して特定の基準に準拠していることを示すURI</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">eduPersonEntitlement</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.5923.1.1.1.7</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:eduPersonEntitlement</prop>
- <prop key="displayName.en">Entitlement</prop>
- <prop key="displayName.de">Berechtigung</prop>
- <prop key="displayName.fr">Membre de</prop>
- <prop key="displayName.it">Diritti</prop>
- <prop key="displayName.ja">資格情報</prop>
- <prop key="description.en">Member of: URI (either URL or URN) that indicates a set of rights to specific resources based on an agreement across the releavant community</prop>
- <prop key="description.de">Zeichenkette, die Rechte für spezifische Ressourcen beschreibt</prop>
- <prop key="description.fr">Membre de: URI (soit une URL ou une URN) décrivant un droit spécific d'accès</prop>
- <prop key="description.it">Membro di: URI (sia URL, sia URN) che rappresentano diritti su specifiche risorse e basati su accordi tra le comunità interessate</prop>
- <prop key="description.ja">特定のアプリケーションもしくはコミュニティ内の複数リソースへのアクセス権限を持つことを示すURI(URLもしくはURN)</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">eduPersonNickname</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.5923.1.1.1.2</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:eduPersonNickname</prop>
- <prop key="displayName.en">Nickname</prop>
- <prop key="displayName.de">Kurzname</prop>
- <prop key="displayName.de-ch">Übername</prop>
- <prop key="displayName.fr">Surnom</prop>
- <prop key="displayName.it">Soprannome</prop>
- <prop key="displayName.ja">ニックネーム</prop>
- <prop key="description.en">Person's nickname, or the informal name by which they are accustomed to be hailed</prop>
- <prop key="description.de">Kurzname einer Person, oder üblicher Rufname zur Begrüßung</prop>
- <prop key="description.de-ch">Übername einer Person, oder üblicher Rufname zur Begrüssung</prop>
- <prop key="description.fr">Nom personnalisable pour un usage informel</prop>
- <prop key="description.it">Soprannome della persona</prop>
- <prop key="description.ja">利用者のニックネームもしくは通称</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">eduPersonOrgDN</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.5923.1.1.1.3</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:eduPersonOrgDN</prop>
- <prop key="displayName.en">Organization distinguished name</prop>
- <prop key="description.en">Distinguished name (DN) of the directory entry representing the institution with which the person is associated</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">eduPersonOrgUnitDN</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.5923.1.1.1.4</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:eduPersonOrgUnitDN</prop>
- <prop key="displayName.en">Organization unit distinguished name</prop>
- <prop key="displayName.fr">Structures de rattachement</prop>
- <prop key="description.en">Distinguished name(s) (DN) of the directory entries representing the person's Organizational Unit(s)</prop>
- <prop key="description.fr">Structures d'affectation (composante, service...) de la personne dans l'annuaire</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">eduPersonOrcid</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.5923.1.1.1.16</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.5923.1.1.1.16</prop>
- <prop key="displayName.en">ORCID</prop>
- <prop key="displayName.fr">identifiants ORCID</prop>
- <prop key="description.en">ORCID researcher identifier(s) belonging to a person</prop>
- <prop key="description.fr">Identifiant(s) ORCID d'une personne</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">eduPersonPrimaryAffiliation</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.5923.1.1.1.5</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation</prop>
- <prop key="displayName.en">Primary affiliation</prop>
- <prop key="displayName.de">Primäre Zugehörigkeit</prop>
- <prop key="displayName.fr">Affiliation principale</prop>
- <prop key="displayName.it">Affiliazione principale</prop>
- <prop key="displayName.ja">主要職位</prop>
- <prop key="description.en">Specifies the person's primary relationship to the institution in broad categories such as student, faculty, staff, alum, etc.</prop>
- <prop key="description.de">Spezifiziert der Hauptbeziehung einer Person innerhalb ihrer Organisation in groben Kategorien wie Student, Mitarbeiter, Alumni, etc.</prop>
- <prop key="description.fr">Spécifie la relation principale d'une personne avec l'institution selon des majeures catégories comme étudiant, collaborateur, alumni etc.</prop>
- <prop key="description.it">Specifica la relazione principale della persona con l'istituzione secondo le categorie studente, collaboratore, alumni, etc.</prop>
- <prop key="description.ja">所属機関における主要な職位(faculty,staff,student,memberなど)</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">eduPersonPrimaryOrgUnitDN</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.5923.1.1.1.8</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN</prop>
- <prop key="displayName.en">Primary organization unit distinguished name</prop>
- <prop key="displayName.fr">Structure de rattachement principal</prop>
- <prop key="description.en">Distinguished name (DN) of the directory entry representing the person's primary Organizational Unit</prop>
- <prop key="description.fr">Structure (composante, service) dans l'annuaire considérée comme affectation principale de la personne</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">eduPersonPrincipalName</prop>
- <prop key="transcoder">SAML2ScopedStringTranscoder SAML1ScopedStringTranscoder CASScopedStringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.5923.1.1.1.6</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:eduPersonPrincipalName</prop>
- <prop key="saml1.encodeType">false</prop>
- <prop key="displayName.en">Principal name</prop>
- <prop key="displayName.de">Persönliche ID</prop>
- <prop key="displayName.fr">Identifiant unique</prop>
- <prop key="displayName.it">ID personale</prop>
- <prop key="displayName.ja">プリンシパルID</prop>
- <prop key="description.en">A unique identifier for a person, mainly for inter-institutional user identification</prop>
- <prop key="description.de">Eindeutige Benutzeridentifikation</prop>
- <prop key="description.de-ch">Eindeutige Benützeridentifikation</prop>
- <prop key="description.fr">L'identifiant unique de l'utilisateur</prop>
- <prop key="description.it">Un ID personale che identifica chiaramente l'utente in seno alla sua organizzazione</prop>
- <prop key="description.ja">フェデレーション内で一意かつ永続的な利用者識別子</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">eduPersonPrincipalNamePrior</prop>
- <prop key="transcoder">SAML2ScopedStringTranscoder SAML1ScopedStringTranscoder CASScopedStringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.5923.1.1.1.12</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.5923.1.1.1.12</prop>
- <prop key="saml1.encodeType">false</prop>
- <prop key="displayName.en">Prior principal name(s)</prop>
- <prop key="displayName.fr">Anciens identifiants EPPN</prop>
- <prop key="description.en">eduPersonPrincipalName value(s) previously associated with the entry</prop>
- <prop key="description.fr">Liste des valeurs de l'attribut eduPersonPrincipalName précédemment attribuées à la personne</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">eduPersonScopedAffiliation</prop>
- <prop key="transcoder">SAML2ScopedStringTranscoder SAML1ScopedStringTranscoder CASScopedStringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.5923.1.1.1.9</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:eduPersonScopedAffiliation</prop>
- <prop key="saml1.encodeType">false</prop>
- <prop key="displayName.en">Scoped affiliation</prop>
- <prop key="displayName.de">Zugehörigkeit</prop>
- <prop key="displayName.fr">Affiliation</prop>
- <prop key="displayName.it">Affiliazione</prop>
- <prop key="displayName.ja">スコープ付き職位</prop>
- <prop key="description.en">Specifies the person's affiliation within a particular security domain</prop>
- <prop key="description.de">Art der Zugehörigkeit zur Heimatorganisation</prop>
- <prop key="description.de-ch">Art der Zugehörigkeit zur Heimorganisation</prop>
- <prop key="description.fr">Type d'affiliation dans l'organisation</prop>
- <prop key="description.it">Affiliazione: Tipo di affiliazione pressocon l'organizzazione</prop>
- <prop key="description.ja">セキュリティドメインのスコープが付いた所属機関における職位</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">eduPersonUniqueId</prop>
- <prop key="transcoder">SAML2ScopedStringTranscoder SAML1ScopedStringTranscoder CASScopedStringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.5923.1.1.1.13</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.5923.1.1.1.13</prop>
- <prop key="saml1.encodeType">false</prop>
- <prop key="displayName.en">Unique ID</prop>
- <prop key="displayName.de">Eindeutige ID</prop>
- <prop key="displayName.fr">ID unique</prop>
- <prop key="displayName.it">ID univoco</prop>
- <prop key="displayName.ja">ユニークID</prop>
- <prop key="description.en">A unique identifier for a person, mainly for inter-institutional user identification</prop>
- <prop key="description.de">Eindeutige Benutzeridentifikation</prop>
- <prop key="description.de-ch">Eindeutige Benützeridentifikation</prop>
- <prop key="description.fr">Identifiant unique de l'utilisateur</prop>
- <prop key="description.it">Un identificativo univoco che identifica chiaramente l'utente in seno alla sua organizzazione</prop>
- <prop key="description.ja">フェデレーション内で一意で永続的かつ難読化された利用者識別子(後継はサブジェクトID)</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">eduPersonAnalyticsTag</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder CASStringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.5923.1.1.1.17</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.5923.1.1.1.17</prop>
- <prop key="saml1.encodeType">false</prop>
- <prop key="displayName.en">Aggregated analytics tag</prop>
- <prop key="description.en">Opaque string that aggregates the use of a service by a set of subjects for the purpose of reporting or analytics</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">eduPersonDisplayPronouns</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder CASStringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.5923.1.1.1.18</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.5923.1.1.1.18</prop>
- <prop key="saml1.encodeType">false</prop>
- <prop key="displayName.en">Display Pronouns</prop>
- <prop key="description.en">Personal pronouns by which the person prefers to be identified</prop>
- </props>
- </property>
- </bean>
-
- </list>
- </constructor-arg>
- </bean>
-
-</beans>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attributes/inetOrgPerson.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attributes/inetOrgPerson.xml
deleted file mode 100644
index 2ab78ef..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attributes/inetOrgPerson.xml
+++ /dev/null
@@ -1,525 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:util="http://www.springframework.org/schema/util"
- xmlns:p="http://www.springframework.org/schema/p"
- xmlns:c="http://www.springframework.org/schema/c"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
- http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-
- default-init-method="initialize"
- default-destroy-method="destroy">
-
- <!--
- Note that all built-in rules rely on URI-naming and thus include the implied settings:
-
- <prop key="saml2.nameFormat">urn:oasis:names:tc:SAML:2.0:attrname-format:uri</prop>
- <prop key="saml1.namespace">urn:mace:shibboleth:1.0:attributeNamespace:uri</prop>
- -->
-
- <!-- https://tools.ietf.org/html/rfc2798 -->
-
- <bean parent="shibboleth.TranscodingRuleLoader">
- <constructor-arg>
- <list>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">cn</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:2.5.4.3</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:cn</prop>
- <prop key="displayName.en">Common name</prop>
- <prop key="displayName.fr">Nom et Prénom</prop>
- <prop key="description.en">Common name of a person</prop>
- <prop key="description.fr">Nom complet sans accent d'une personne</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">departmentNumber</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:2.16.840.1.113730.3.1.2</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:departmentNumber</prop>
- <prop key="displayName.en">Department number</prop>
- <prop key="displayName.fr">departmentNumber</prop>
- <prop key="displayName.de">Abteilungsnummer</prop>
- <prop key="description.en">Department number</prop>
- <prop key="description.de">Nummer der Abteilung</prop>
- <prop key="description.fr">Identifiant du département dans l'organisation</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">displayName</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:2.16.840.1.113730.3.1.241</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:displayName</prop>
- <prop key="displayName.en">Display name</prop>
- <prop key="displayName.de">Anzeigename</prop>
- <prop key="displayName.fr">Nom</prop>
- <prop key="displayName.it">Nome</prop>
- <prop key="displayName.ja">表示名</prop>
- <prop key="description.en">The name that should appear in white-pages-like applications for this person</prop>
- <prop key="description.de">Anzeigename</prop>
- <prop key="description.fr">Nom complet d'affichage</prop>
- <prop key="description.it">Nome</prop>
- <prop key="description.ja">アプリケーションでの表示に用いられる英字氏名</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">employeeNumber</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:2.16.840.1.113730.3.1.3</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:employeeNumber</prop>
- <prop key="displayName.en">Employee number</prop>
- <prop key="displayName.de">Mitarbeiternummer</prop>
- <prop key="displayName.fr">Numéro d'employé</prop>
- <prop key="displayName.it">Numero dell'utente</prop>
- <prop key="displayName.ja">従業員番号</prop>
- <prop key="description.en">Identifies an employee within an organization</prop>
- <prop key="description.de">Identifiziert einen Mitarbeiter innerhalb der Organisation</prop>
- <prop key="description.fr">Identifie un employé au sein de l'organisation</prop>
- <prop key="description.it">Identifica l' utente presso l'organizzazione</prop>
- <prop key="description.ja">所属機関における利用者の従業員番号</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">employeeType</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:2.16.840.1.113730.3.1.4</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:employeeType</prop>
- <prop key="displayName.en">Employee type</prop>
- <prop key="displayName.fr">Type d'employé</prop>
- <prop key="description.en">Employee type</prop>
- <prop key="description.fr">Catégorie d'employé dans l'organisation</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">givenName</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:2.5.4.42</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:givenName</prop>
- <prop key="displayName.en">Given name</prop>
- <prop key="displayName.de">Vorname</prop>
- <prop key="displayName.fr">Prénom</prop>
- <prop key="displayName.it">Nome</prop>
- <prop key="displayName.ja">名</prop>
- <prop key="description.en">Given name of a person</prop>
- <prop key="description.de">Vorname</prop>
- <prop key="description.fr">Prénom de l'utilisateur</prop>
- <prop key="description.it">Nome</prop>
- <prop key="description.ja">氏名(名)の英語表記</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">homePhone</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:0.9.2342.19200300.100.1.20</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:homePhone</prop>
- <prop key="displayName.en">Private phone number</prop>
- <prop key="displayName.de">Telefon Privat</prop>
- <prop key="displayName.fr">Teléphone personnel</prop>
- <prop key="displayName.it">Numero di telefono privato</prop>
- <prop key="displayName.ja">自宅電話番号</prop>
- <prop key="description.en">Private phone number</prop>
- <prop key="description.de">Private Telefonnummer</prop>
- <prop key="description.fr">Numéro de téléphone de domicile de la personne</prop>
- <prop key="description.it">Numero di telefono privato</prop>
- <prop key="description.ja">自宅の電話番号</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">homePostalAddress</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:0.9.2342.19200300.100.1.39</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:homePostalAddress</prop>
- <prop key="displayName.en">Home postal address</prop>
- <prop key="displayName.de">Heimatadresse</prop>
- <prop key="displayName.de-ch">Heimadresse</prop>
- <prop key="displayName.fr">Adresse personnelle</prop>
- <prop key="displayName.it">Indirizzo personale</prop>
- <prop key="displayName.ja">自宅住所</prop>
- <prop key="description.en">Home postal address: Home address of the user</prop>
- <prop key="description.de">Heimatadresse</prop>
- <prop key="description.de-ch">Heimadresse</prop>
- <prop key="description.fr">Adresse postale de domicile de la personne</prop>
- <prop key="description.it">Indirizzo personale: indirizzo dove abita l'utente</prop>
- <prop key="description.ja">自宅の住所</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">initials</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:2.5.4.43</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:initials</prop>
- <prop key="displayName.en">Initials</prop>
- <prop key="displayName.de">Initialen</prop>
- <prop key="displayName.fr">Initiales</prop>
- <prop key="displayName.ja">イニシャル</prop>
- <prop key="description.en">Initials</prop>
- <prop key="description.de">Anfangsbuchstaben des Namens</prop>
- <prop key="description.de-ch">Die Anfangsbuchstaben</prop>
- <prop key="description.fr">L' initiales</prop>
- <prop key="description.ja">イニシャル</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">l</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:2.5.4.7</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:l</prop>
- <prop key="displayName.en">Locality name</prop>
- <prop key="displayName.de">Ort</prop>
- <prop key="displayName.fr">Localité</prop>
- <prop key="displayName.ja">場所(L)</prop>
- <prop key="description.en">Locality name</prop>
- <prop key="description.de">Ort</prop>
- <prop key="description.fr">Nom de la localité où réside l'objet</prop>
- <prop key="description.ja">場所の名前 日本の場合は市区町村名</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">mail</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:0.9.2342.19200300.100.1.3</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:mail</prop>
- <prop key="displayName.en">E-mail</prop>
- <prop key="displayName.de">E-Mail</prop>
- <prop key="displayName.fr">Email</prop>
- <prop key="displayName.it">E-mail</prop>
- <prop key="displayName.ja">メールアドレス</prop>
- <prop key="description.en">E-Mail: Preferred address for e-mail to be sent to this person</prop>
- <prop key="description.de">E-Mail-Adresse</prop>
- <prop key="description.de-ch">E-Mail Adresse</prop>
- <prop key="description.fr">Adresse de courrier électronique</prop>
- <prop key="description.it">E-Mail: l'indirizzo e-mail preferito dall'utente</prop>
- <prop key="description.ja">メールアドレス</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">mobile</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:0.9.2342.19200300.100.1.41</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:mobile</prop>
- <prop key="displayName.en">Mobile phone number</prop>
- <prop key="displayName.de">Telefon Mobil</prop>
- <prop key="displayName.fr">Numéro de mobile</prop>
- <prop key="displayName.it">Numero di cellulare</prop>
- <prop key="displayName.ja">携帯電話番号</prop>
- <prop key="description.en">Mobile phone number</prop>
- <prop key="description.de">Mobile Telefonnummer</prop>
- <prop key="description.fr">Numéro de teléphone mobile</prop>
- <prop key="description.it">Numero di cellulare</prop>
- <prop key="description.ja">携帯電話の電話番号</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">o</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:2.5.4.10</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:o</prop>
- <prop key="displayName.en">Organization name</prop>
- <prop key="displayName.de">Organisationsname</prop>
- <prop key="displayName.fr">Nom de l'organisation</prop>
- <prop key="displayName.ja">所属機関名</prop>
- <prop key="description.en">Organization name</prop>
- <prop key="description.de">Name der Organisation</prop>
- <prop key="description.fr">Nom de l'organisation</prop>
- <prop key="description.ja">所属機関名称の英語表記</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">ou</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:2.5.4.11</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:ou</prop>
- <prop key="displayName.en">Organizational unit</prop>
- <prop key="displayName.de">Organisationseinheit</prop>
- <prop key="displayName.fr">Unité organisationnelle</prop>
- <prop key="displayName.ja">機関内所属名</prop>
- <prop key="description.en">Organizational unit</prop>
- <prop key="description.de">Name der Organisationseinheit</prop>
- <prop key="description.fr">Nom de l'unité organisationnelle</prop>
- <prop key="description.ja">機関内所属名称の英語表記</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">pager</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:0.9.2342.19200300.100.1.42</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:pager</prop>
- <prop key="displayName.en">Pager number</prop>
- <prop key="description.en">Pager number</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">postalAddress</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:2.5.4.16</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:postalAddress</prop>
- <prop key="displayName.en">Business postal address</prop>
- <prop key="displayName.de">Geschäftsadresse</prop>
- <prop key="displayName.fr">Adresse professionnelle</prop>
- <prop key="displayName.it">Indirizzo professionale</prop>
- <prop key="displayName.ja">所属機関住所</prop>
- <prop key="description.en">Business postal address: Campus or office address</prop>
- <prop key="description.de">Geschäftliche Adresse</prop>
- <prop key="description.de-ch">Adresse am Arbeitsplatz</prop>
- <prop key="description.fr">Adresse de l'institut, de l'université</prop>
- <prop key="description.it">Indirizzo professionale: indirizzo dell'istituto o dell'ufficio</prop>
- <prop key="description.ja">所属機関の住所</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">postalCode</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:2.5.4.17</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:postalCode</prop>
- <prop key="displayName.en">Postal code</prop>
- <prop key="displayName.en-us">ZIP code</prop>
- <prop key="displayName.de">Postleitzahl</prop>
- <prop key="displayName.fr">Code postal</prop>
- <prop key="displayName.ja">郵便番号</prop>
- <prop key="description.en">Postal code</prop>
- <prop key="description.en-us">ZIP code</prop>
- <prop key="description.de">Postleitzahl</prop>
- <prop key="description.fr">Code postal</prop>
- <prop key="description.ja">郵便番号</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">postOfficeBox</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:mace:dir:attribute-def:postOfficeBox</prop>
- <prop key="saml1.name">urn:oid:2.5.4.18</prop>
- <prop key="displayName.en">Postal box</prop>
- <prop key="displayName.de">Postfach</prop>
- <prop key="displayName.fr">Boite postale</prop>
- <prop key="displayName.fr-ch">Case postale</prop>
- <prop key="displayName.ja">私書箱</prop>
- <prop key="description.en">Postal box identifier</prop>
- <prop key="description.de">Postfach</prop>
- <prop key="description.fr">Boite postale</prop>
- <prop key="description.fr-ch">Case postale</prop>
- <prop key="description.ja">私書箱</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">preferredLanguage</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:2.16.840.1.113730.3.1.39</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:preferredLanguage</prop>
- <prop key="displayName.en">Preferred Language</prop>
- <prop key="displayName.de">Bevorzugte Sprache</prop>
- <prop key="displayName.fr">Langue préférée</prop>
- <prop key="displayName.it">Lingua preferita</prop>
- <prop key="displayName.ja">希望言語</prop>
- <prop key="description.en">Preferred language: Users preferred language (see RFC1766)</prop>
- <prop key="description.de">Bevorzugte Sprache (siehe RFC1766)</prop>
- <prop key="description.fr">Exemple: fr, de, it, en, ... (voir RFC1766)</prop>
- <prop key="description.it">Lingua preferita: la lingua preferita dall'utente (cfr. RFC1766)</prop>
- <prop key="description.ja">利用者が希望する言語(RFC1766 を参照)</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">sn</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:2.5.4.4</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:sn</prop>
- <prop key="displayName.en">Surname</prop>
- <prop key="displayName.de">Nachname</prop>
- <prop key="displayName.fr">Nom de famille</prop>
- <prop key="displayName.it">Cognome</prop>
- <prop key="displayName.ja">姓</prop>
- <prop key="description.en">Surname or family name</prop>
- <prop key="description.de">Familienname</prop>
- <prop key="description.fr">Nom de famille de l'utilisateur</prop>
- <prop key="description.it">Cognome dell'utilizzatore</prop>
- <prop key="description.ja">氏名(姓)の英語表記</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">st</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:2.5.4.8</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:st</prop>
- <prop key="displayName.en">State or province name</prop>
- <prop key="displayName.fr">Etat ou nom de province</prop>
- <prop key="displayName.ja">都道府県もしくは州や省(ST)</prop>
- <prop key="description.en">State or province name</prop>
- <prop key="description.fr">Etat ou nom de province</prop>
- <prop key="description.ja">州名や省名 国によって異なり日本の場合は都道府県名</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">street</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:2.5.4.9</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:street</prop>
- <prop key="displayName.en">Street</prop>
- <prop key="displayName.de">Straße</prop>
- <prop key="displayName.de-ch">Strasse</prop>
- <prop key="displayName.fr">Rue</prop>
- <prop key="displayName.ja">通り</prop>
- <prop key="description.en">Street address</prop>
- <prop key="description.de">Name der Straße</prop>
- <prop key="description.de-ch">Strassenadresse</prop>
- <prop key="description.fr">Nom de rue</prop>
- <prop key="description.ja">通りおよび番地</prop>
- </props>
- </property>
- </bean>
-
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">telephoneNumber</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:2.5.4.20</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:telephoneNumber</prop>
- <prop key="displayName.en">Business phone number</prop>
- <prop key="displayName.de">Telefon Geschäft</prop>
- <prop key="displayName.fr">Teléphone professionnel</prop>
- <prop key="displayName.it">Numero di telefono dell'ufficio</prop>
- <prop key="displayName.ja">所属機関内電話番号</prop>
- <prop key="description.en">Business phone number: Office or campus phone number</prop>
- <prop key="description.de">Telefonnummer am Arbeitsplatz</prop>
- <prop key="description.fr">Teléphone de l'institut, de l'université</prop>
- <prop key="description.it">Numero di telefono dell'ufficio</prop>
- <prop key="description.ja">所属機関での利用者の電話番号</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">title</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:2.5.4.12</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:title</prop>
- <prop key="displayName.en">Title</prop>
- <prop key="displayName.de">Titel</prop>
- <prop key="displayName.fr">Title</prop>
- <prop key="displayName.ja">肩書き</prop>
- <prop key="description.en">Title of a person</prop>
- <prop key="description.de">Titel der Person</prop>
- <prop key="description.fr">Titre de la personne</prop>
- <prop key="description.ja">利用者の肩書き</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">uid</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:0.9.2342.19200300.100.1.1</prop>
- <prop key="saml1.name">urn:mace:dir:attribute-def:uid</prop>
- <prop key="displayName.en">User ID</prop>
- <prop key="displayName.de">Benutzer-ID</prop>
- <prop key="displayName.fr">ID utilisateur</prop>
- <prop key="displayName.it">ID dell'utente</prop>
- <prop key="displayName.ja">ユーザID</prop>
- <prop key="description.en">A unique identifier for a person, mainly used for user identification within the user's home organization</prop>
- <prop key="description.de">Eine eindeutige Nummer für eine Person, welche hauptsächlich zur Identifikation innerhalb der Organisation benutzt wird</prop>
- <prop key="description.fr">Identifiant de connexion d'une personnes sur les systèmes informatiques</prop>
- <prop key="description.it">Identificativo unico della persona, usato per l'identificazione dell'utente all'interno della organizzazione di appartenenza</prop>
- <prop key="description.ja">所属機関内で一意の利用者識別子</prop>
- </props>
- </property>
- </bean>
-
- </list>
- </constructor-arg>
- </bean>
-
-</beans>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attributes/samlSubject.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attributes/samlSubject.xml
deleted file mode 100644
index 3ffa3cc..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attributes/samlSubject.xml
+++ /dev/null
@@ -1,73 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:util="http://www.springframework.org/schema/util"
- xmlns:p="http://www.springframework.org/schema/p"
- xmlns:c="http://www.springframework.org/schema/c"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
- http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-
- default-init-method="initialize"
- default-destroy-method="destroy">
-
- <!--
- Note that all built-in rules rely on URI-naming and thus include the implied settings:
-
- <prop key="saml2.nameFormat">urn:oasis:names:tc:SAML:2.0:attrname-format:uri</prop>
- -->
-
- <!-- https://wiki.oasis-open.org/security/SAMLSubjectIDAttr -->
-
- <bean parent="shibboleth.TranscodingRuleLoader">
- <constructor-arg>
- <list>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">samlSubjectID</prop>
- <prop key="transcoder">SAML2ScopedStringTranscoder</prop>
- <prop key="saml2.name">urn:oasis:names:tc:SAML:attribute:subject-id</prop>
- <prop key="displayName.en">Unique ID</prop>
- <prop key="displayName.de">Eindeutige ID</prop>
- <prop key="displayName.fr">ID unique</prop>
- <prop key="displayName.it">ID unico</prop>
- <prop key="displayName.ja">サブジェクトID</prop>
- <prop key="description.en">A unique identifier for a person, mainly for inter-institutional user identification</prop>
- <prop key="description.de">Eindeutige Benutzeridentifikation</prop>
- <prop key="description.de-ch">Eindeutige Benützeridentifikation</prop>
- <prop key="description.fr">Identifiant unique de l'utilisateur</prop>
- <prop key="description.it">Un identificativo personale che identifica chiaramente l'utente in seno alla sua organizzazione</prop>
- <prop key="description.ja">フェデレーション内で一意で永続的かつ難読化された利用者識別子(eduPersonUniqueIdの後継)</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">samlPairwiseID</prop>
- <prop key="transcoder">SAML2ScopedStringTranscoder</prop>
- <prop key="saml2.name">urn:oasis:names:tc:SAML:attribute:pairwise-id</prop>
- <prop key="displayName.en">Pairwise ID</prop>
- <prop key="displayName.de">Pairwise ID</prop>
- <prop key="displayName.fr">Pairwise ID</prop>
- <prop key="displayName.it">Pairwise ID</prop>
- <prop key="displayName.ja">ペアワイズID</prop>
- <prop key="description.en">Pairwise ID: A unique identifier for a person, different for each service provider</prop>
- <prop key="description.de">Pairwise ID: Eindeutige Benutzeridentifikation, unterschiedlich pro Service Provider</prop>
- <prop key="description.de-ch">Pairwise ID: Eindeutige Benützeridentifikation, unterschiedlich pro Service Provider</prop>
- <prop key="description.fr">Pairwise ID: Un identifiant unique de l'utilisateur, différent pour chaque fournisseur de service</prop>
- <prop key="description.it">Pairwise ID: identificativo unico della persona, differente per ogni fornitore di servizio</prop>
- <prop key="description.ja">フェデレーション内で一意かつSP毎に送出される値が異なる利用者識別子(eduPersonTargetedIDの後継)</prop>
- </props>
- </property>
- </bean>
-
- </list>
- </constructor-arg>
- </bean>
-
-</beans>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attributes/schac.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attributes/schac.xml
deleted file mode 100644
index 2e0db26..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/attributes/schac.xml
+++ /dev/null
@@ -1,382 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:util="http://www.springframework.org/schema/util"
- xmlns:p="http://www.springframework.org/schema/p"
- xmlns:c="http://www.springframework.org/schema/c"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
- http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-
- default-init-method="initialize"
- default-destroy-method="destroy">
-
- <!--
- Note that all built-in rules rely on URI-naming and thus include the implied settings:
-
- <prop key="saml2.nameFormat">urn:oasis:names:tc:SAML:2.0:attrname-format:uri</prop>
- <prop key="saml1.namespace">urn:mace:shibboleth:1.0:attributeNamespace:uri</prop>
- -->
-
- <bean parent="shibboleth.TranscodingRuleLoader">
- <constructor-arg>
- <list>
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacMotherTongue</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.2.1</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.2.1</prop>
- <prop key="displayName.en">Mother Tongue</prop>
- <prop key="displayName.fr">Langue maternelle</prop>
- <prop key="displayName.it">Lingua Madre</prop>
- <prop key="description.en">Mother Tongue of the user</prop>
- <prop key="description.fr">Langue maternelle (la langue apprise en premier par une personne : fr</prop>
- <prop key="description.it">Lingua Madre dell'utente</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacGender</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.2.2</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.2.2</prop>
- <prop key="displayName.en">Gender</prop>
- <prop key="displayName.fr">Genre</prop>
- <prop key="displayName.it">Genere</prop>
- <prop key="description.en">Gender of the user</prop>
- <prop key="description.fr">Genre de la personne : un chiffre (0 "Not known, 1 "Male", 2 "Female", 9 "Not specified")</prop>
- <prop key="description.it">Genere dell'utente</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacDateOfBirth</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.2.3</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.2.3</prop>
- <prop key="displayName.en">Date or Birth</prop>
- <prop key="displayName.fr">Date de naissance</prop>
- <prop key="displayName.it">Giorno di nascita</prop>
- <prop key="description.en">The date of birth for the subject it is associated with</prop>
- <prop key="description.fr">Date de naissance au format "YYYYMMJJ"</prop>
- <prop key="description.it">Giorno di nascita del soggetto</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacYearOfBirth</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.0.2.3</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.0.2.3</prop>
- <prop key="displayName.en">Year of birth</prop>
- <prop key="displayName.fr">Année de naissance</prop>
- <prop key="displayName.it">Anno di nascita</prop>
- <prop key="description.en">The year of birth for the subject it is associated with</prop>
- <prop key="description.fr">Année de naissance au format "YYYY"</prop>
- <prop key="description.it">Anno di nascita del soggetto</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacPlaceOfBirth</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.2.4</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.2.4</prop>
- <prop key="displayName.en">Place of Birth</prop>
- <prop key="displayName.fr">Lieu de naissance</prop>
- <prop key="displayName.it">Luogo di nascita</prop>
- <prop key="description.en">The place of birth for the subject it is associated with</prop>
- <prop key="description.fr">Lieu de naissance</prop>
- <prop key="description.it">Luogo di nascita del soggetto</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacCountryOfCitizenship</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.2.5</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.2.5</prop>
- <prop key="displayName.en">Country of Citizenship</prop>
- <prop key="displayName.fr">Nationalité</prop>
- <prop key="description.en">The countries of citizenship for the subject it is associated with</prop>
- <prop key="description.fr">Pays où une personne est un citoyen : 2 lettres au format ISO 3166 (fr, es...)</prop>
- <prop key="description.it">Cittadinanza</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacSn1</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.2.6</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.2.6</prop>
- <prop key="displayName.en">First Surname</prop>
- <prop key="displayName.fr">Premier nom</prop>
- <prop key="displayName.it">Primo Cognome</prop>
- <prop key="description.en">First surname of a person ("the surname" in international terms)</prop>
- <prop key="description.fr">Premier nom d'une personne</prop>
- <prop key="description.it">Il cognome di una persona</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacSn2</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.2.7</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.2.7</prop>
- <prop key="displayName.en">Second Surname</prop>
- <prop key="displayName.fr">Second nom</prop>
- <prop key="displayName.it">Secondo Cognome</prop>
- <prop key="description.en">Second surname of a person</prop>
- <prop key="description.fr">Second nom d'une personne</prop>
- <prop key="description.it">Secondo cognome di una persona</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacPersonalTitle</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.2.8</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.2.8</prop>
- <prop key="displayName.en">Personal Title</prop>
- <prop key="displayName.fr">Titre</prop>
- <prop key="displayName.it">Soprannome</prop>
- <prop key="description.en">Nice name used for the user</prop>
- <prop key="description.fr">Titre de la personne</prop>
- <prop key="description.it">Titolo usato per salutare l'utente</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacHomeOrganization</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.2.9</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.2.9</prop>
- <prop key="displayName.en">Home Organization</prop>
- <prop key="displayName.fi">Kotiorganisaatio</prop>
- <prop key="displayName.fr">Organisme</prop>
- <prop key="displayName.it">Dominio dell'istituzione</prop>
- <prop key="description.en">The domain name of the person's home organisation</prop>
- <prop key="description.fi">Henkilön kotiorganisaation domain-nimi</prop>
- <prop key="description.fr">Nom de domaine DNS de l'organisme d'origine d'une personne</prop>
- <prop key="description.it">Dominio dell'istituzione</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacHomeOrganizationType</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.2.10</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.2.10</prop>
- <prop key="displayName.en">Home organization type</prop>
- <prop key="displayName.fi">Kotiorganisaation tyyppi</prop>
- <prop key="displayName.fr">Type d'organisme</prop>
- <prop key="displayName.it">Tipo di organizzazione di appartenenza (internazionale)</prop>
- <prop key="description.en">Home organisation type: university, polytechnic, etc</prop>
- <prop key="description.fi">Kotiorganisaation tyyppi: yliopisto, ammattikorkeakoulu jne</prop>
- <prop key="description.fr">Type d'organisme d'origine d'une personne</prop>
- <prop key="description.it">Tipo di organizzazione di appartenenza</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacCountryOfResidence</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.2.11</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.2.11</prop>
- <prop key="displayName.en">Country of Residence</prop>
- <prop key="displayName.fr">Pays de résidence</prop>
- <prop key="displayName.it">Residenza</prop>
- <prop key="description.en">The country of residence for the subject</prop>
- <prop key="description.fr">Pays de résidence : fr, es...</prop>
- <prop key="description.it">Paese di residenza dell'utente</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacUserPresenceID</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.2.12</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.2.12</prop>
- <prop key="displayName.en">User Presence ID</prop>
- <prop key="displayName.fr">Identifiant de présence</prop>
- <prop key="displayName.it">ID utente sulla rete</prop>
- <prop key="description.en">Identifiers that user collect on the net</prop>
- <prop key="description.fr">Ensemble de valeurs liées aux protocoles de présence réseau (sip, xmpp, h323...)</prop>
- <prop key="description.it">Identificativi usati dall'utente sulla rete</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacPersonalPosition</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.2.13</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.2.13</prop>
- <prop key="displayName.en">Personal Position</prop>
- <prop key="displayName.fr">Position/Rôle</prop>
- <prop key="displayName.it">Ruolo ricoperto</prop>
- <prop key="description.en">Personal Position of the user for the institution</prop>
- <prop key="description.fr">Position/Rôle de la personne au sein d'une institution</prop>
- <prop key="description.it">Ruolo dell'utente nell'istituzione</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacPersonalUniqueCode</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.2.14</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.2.14</prop>
- <prop key="displayName.en">Personal Unique Code</prop>
- <prop key="displayName.fr">Code personnel unique</prop>
- <prop key="displayName.it">Codice Univoco</prop>
- <prop key="description.en">Unique code for the subject it is associated with</prop>
- <prop key="description.fr">"Code unique" pour le sujet auquel il est associé (peut être le numéro d'étudiant, le numéro d'employé, ...)</prop>
- <prop key="description.it">Codice Univoco legato al soggetto</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacPersonalUniqueID</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.2.15</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.2.15</prop>
- <prop key="displayName.en">Personal Unique ID</prop>
- <prop key="displayName.fr">Identifiant personnel unique</prop>
- <prop key="displayName.it">ID Legale Univoco</prop>
- <prop key="description.en">Unique Legal Identifier of a person</prop>
- <prop key="description.fr">identifiant unique légal (DNI en espagne)</prop>
- <prop key="description.it">Identificativo Univoco Legale associato alla persona</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacExpiryDate</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.2.17</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.2.17</prop>
- <prop key="displayName.en">Expiry Date</prop>
- <prop key="displayName.fr">Date d'expiration</prop>
- <prop key="description.en">The date from which the set of data is to be considered invalid (specifically, in what refers to rights and entitlements)</prop>
- <prop key="description.fr">Date à partir de laquelle l'ensemble de données de la personne doit être considéré comme invalide, au format "YYYYMMDDhhmmssZ"</prop>
- <prop key="description.it">Data di scadenza dei dati utente (diritti e titoli)</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacUserPrivateAttribute</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.2.18</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.2.18</prop>
- <prop key="displayName.en">User Private Attribute</prop>
- <prop key="displayName.fr">Exigences de confidentialité</prop>
- <prop key="description.en">Datas that the user and/or organization policies want to keep private</prop>
- <prop key="description.fr">Exigences de confidentialité, telles qu'exprimées par l'utilisateur et / ou les stratégies de l'entreprise</prop>
- <prop key="description.it">Dati che l'utente o le policy organizzative vogliono tenere private</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacUserStatus</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.2.19</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.2.19</prop>
- <prop key="displayName.en">User Status</prop>
- <prop key="displayName.fr">Status utilisateur</prop>
- <prop key="description.en">Set of status of a person as user of services</prop>
- <prop key="description.fr">Ensemble de status d'une personne en tant qu'utilisateur de services</prop>
- <prop key="description.it">Stato di attivita' per l'utente sui diversi servizi</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacProjectMembership</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.2.20</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.2.20</prop>
- <prop key="displayName.en">Project Membership</prop>
- <prop key="displayName.fr">Appartenance au projet</prop>
- <prop key="description.en">Name of the project the user belongs to</prop>
- <prop key="description.fr">Nom du projet auquel l'utilisateur appartient</prop>
- <prop key="description.it">Nome del progetto a cui l'utente appartiene</prop>
- </props>
- </property>
- </bean>
-
- <bean parent="shibboleth.TranscodingProperties">
- <property name="properties">
- <props merge="true">
- <prop key="id">schacProjectSpecificRole</prop>
- <prop key="transcoder">SAML2StringTranscoder SAML1StringTranscoder</prop>
- <prop key="saml2.name">urn:oid:1.3.6.1.4.1.25178.1.2.21</prop>
- <prop key="saml1.name">urn:oid:1.3.6.1.4.1.25178.1.2.21</prop>
- <prop key="displayName.en">Project Specific Role</prop>
- <prop key="displayName.fr">Roles spécifiques au projet</prop>
- <prop key="description.en">Set of roles inside specific projects for the user</prop>
- <prop key="description.fr">Ensemble de rôles dans des projets spécifiques</prop>
- <prop key="description.it">Insieme dei ruoli svolti dall'utente su specifici progetti</prop>
- </props>
- </property>
- </bean>
- </list>
- </constructor-arg>
- </bean>
-</beans>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/audit.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/audit.xml
deleted file mode 100644
index 3c9c408..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/audit.xml
+++ /dev/null
@@ -1,55 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:util="http://www.springframework.org/schema/util" xmlns:p="http://www.springframework.org/schema/p"
- xmlns:c="http://www.springframework.org/schema/c" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
- http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-
- default-init-method="initialize"
- default-destroy-method="destroy">
-
- <!--
- This bean defines a mapping between audit log categories and formatting strings.
- -->
- <util:map id="shibboleth.AuditFormattingMap">
- <entry key="Shibboleth-Audit" value="%a|%ST|%T|%u|%SP|%i|%ac|%t|%attr|%n|%f|%SSO|%XX|%XA|%b|%bb|%e|%S|%SS|%s|%UA" />
- </util:map>
-
- <!-- Override the format of date/time fields in the log and/or convert to default time zone. -->
- <!--
- <bean id="shibboleth.AuditDateTimeFormat" class="java.lang.String" c:_0="yyyy-MM-dd'T'HH:mm:ss.SSSZZ" />
- <util:constant id="shibboleth.AuditDefaultTimeZone" static-field="java.lang.Boolean.TRUE" />
- -->
-
- <!-- Allows auditing to be disabled selectively for particular profiles/flows. -->
- <util:list id="shibboleth.AuditSuppressedProfiles">
- <value>http://shibboleth.net/ns/profiles/status</value>
- <value>http://shibboleth.net/ns/profiles/mdquery</value>
- </util:list>
-
- <!--
- You can freely add/change this map to map constants or frequently appearing strings into
- shorter values in the audit log.
- -->
- <util:map id="shibboleth.AuditFieldReplacementMap">
- <entry key="urn:oasis:names:tc:SAML:1.0:am:password" value="password" />
- <entry key="urn:oasis:names:tc:SAML:2.0:ac:classes:Password" value="password" />
- <entry key="urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport" value="password" />
- <entry key="urn:mace:shibboleth:1.0:nameIdentifier" value="transient" />
- <entry key="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" value="transient" />
- <entry key="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" value="persistent" />
- <entry key="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" value="emailAddress" />
- <entry key="urn:oasis:names:tc:SAML:2.0:status:Success" value="Success" />
- <entry key="urn:oasis:names:tc:SAML:2.0:status:Requester" value="Requester" />
- <entry key="urn:oasis:names:tc:SAML:2.0:status:Responder" value="Responder" />
- <entry key="http://www.w3.org/2009/xmlenc11#aes128-gcm" value="AES128-GCM" />
- <entry key="http://www.w3.org/2009/xmlenc11#aes192-gcm" value="AES192-GCM" />
- <entry key="http://www.w3.org/2009/xmlenc11#aes256-gcm" value="AES256-GCM" />
- <entry key="http://www.w3.org/2001/04/xmlenc#aes128-cbc" value="AES128-CBC" />
- <entry key="http://www.w3.org/2001/04/xmlenc#aes192-cbc" value="AES192-CBC" />
- <entry key="http://www.w3.org/2001/04/xmlenc#aes256-cbc" value="AES256-CBC" />
- </util:map>
-
-</beans>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/authn/authn-comparison.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/authn/authn-comparison.xml
deleted file mode 100644
index 0730bcb..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/authn/authn-comparison.xml
+++ /dev/null
@@ -1,117 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:util="http://www.springframework.org/schema/util"
- xmlns:p="http://www.springframework.org/schema/p"
- xmlns:c="http://www.springframework.org/schema/c"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
- http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-
- default-init-method="initialize"
- default-destroy-method="destroy">
-
- <!--
- This is a map used to "weight" particular methods above others if the IdP has to randomly select one
- to insert into a SAML authentication statement. The typical use shown below is to bias the IdP in favor
- of expressing the SAML 2 PasswordProtectedTransport class over the more vanilla Password class on the
- assumption that the IdP doesn't accept passwords via an insecure channel. This map never causes the IdP
- to violate its matching rules if an RP requests a particular value; it only matters when nothing specific
- is chosen. Anything not in the map has a weight of zero.
- -->
-
- <util:map id="shibboleth.AuthenticationPrincipalWeightMap">
- <entry>
- <key>
- <bean parent="shibboleth.SAML2AuthnContextClassRef"
- c:classRef="urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport" />
- </key>
- <value>1</value>
- </entry>
- </util:map>
-
- <!--
- Uncomment and add entries to this map to support "inexact" SAML RequestedAuthnContext operators.
- Please refer to the AuthenticationFlowSelection documentation topic for details and examples.
- -->
- <!--
- <util:map id="shibboleth.AuthnComparisonRules">
- </util:map>
- -->
-
- <!-- List of context classes or declarations to ignore if an SP requests them. -->
-
- <util:list id="shibboleth.IgnoredContexts">
- <value>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</value>
- </util:list>
-
- <!--
- Mappings to transform custom Principals for proxied AuthnRequests.
- Key is the input, value is a collection of possibly empty outputs.
- Used by default to transform authentication type values from
- SPs -> Proxied IdPs.
- -->
- <util:map id="shibboleth.PrincipalProxyRequestMappings">
- <!--
- <entry>
- <key>
- <bean parent="shibboleth.SAML1AuthenticationMethod"
- c:classRef="https://sp.example.org/context" />
- </key>
- <list>
- <bean parent="shibboleth.SAML2AuthnContextClassRef"
- c:classRef="https://proxy.example.org/context1" />
- <bean parent="shibboleth.SAML2AuthnContextClassRef"
- c:classRef="https://proxy.example.org/context2" />
- </list>
- </entry>
- <entry>
- <key>
- <bean parent="shibboleth.SAML2AuthnContextClassRef"
- c:classRef="https://sp.example.org/context" />
- </key>
- <list>
- <bean parent="shibboleth.SAML2AuthnContextClassRef"
- c:classRef="https://proxy.example.org/context1" />
- <bean parent="shibboleth.SAML2AuthnContextClassRef"
- c:classRef="https://proxy.example.org/context2" />
- </list>
- </entry>
- -->
- </util:map>
-
- <!--
- Mappings to transform proxied Principals for inclusion in Subjects.
- Key is the input, value is a collection of possibly empty outputs.
- Used by default to transform values from Proxied IdP. ->
- -->
- <util:map id="shibboleth.PrincipalProxyResponseMappings">
- <!--
- <entry>
- <key>
- <bean parent="shibboleth.SAML2AuthnContextClassRef"
- c:classRef="https://proxy.example.org/context1" />
- </key>
- <list>
- <bean parent="shibboleth.SAML1AuthenticationMethod"
- c:classRef="https://sp.example.org/context" />
- <bean parent="shibboleth.SAML2AuthnContextClassRef"
- c:classRef="https://sp.example.org/context" />
- </list>
- </entry>
- <entry>
- <key>
- <bean parent="shibboleth.SAML2AuthnContextClassRef"
- c:classRef="https://proxy.example.org/context2" />
- </key>
- <list>
- <bean parent="shibboleth.SAML1AuthenticationMethod"
- c:classRef="https://sp.example.org/context" />
- <bean parent="shibboleth.SAML2AuthnContextClassRef"
- c:classRef="https://sp.example.org/context" />
- </list>
- </entry>
- -->
- </util:map>
-
-</beans>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/authn/authn-events-flow.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/authn/authn-events-flow.xml
deleted file mode 100644
index 8846677..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/authn/authn-events-flow.xml
+++ /dev/null
@@ -1,22 +0,0 @@
-<flow xmlns="http://www.springframework.org/schema/webflow"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/webflow http://www.springframework.org/schema/webflow/spring-webflow.xsd"
- abstract="true">
-
- <!-- ADVANCED USE ONLY -->
-
- <!--
- You can ignore this file unless you are creating your own custom login subflows that want to
- report custom events in response to unusual error or warning conditions.
- -->
-
- <!-- Custom error events to reflect back from user-supplied login subflows. -->
-
- <!-- <end-state id="MyCustomEvent" /> -->
-
- <global-transitions>
- <!-- <transition on="MyCustomEvent" to="MyCustomEvent" /> -->
- <transition on="#{!'proceed'.equals(currentEvent.id)}" to="InvalidEvent" />
- </global-transitions>
-
-</flow>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/authn/authn.properties b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/authn/authn.properties
deleted file mode 100644
index 405c522..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/authn/authn.properties
+++ /dev/null
@@ -1,227 +0,0 @@
-# Properties that control authentication generally and the behavior of
-# specific methods.
-
-# Regular expression matching login flows to enable, e.g. IPAddress|Password
-#idp.authn.flows = Password
-
-# Default settings for most authentication methods.
-#idp.authn.defaultLifetime = PT1H
-#idp.authn.defaultTimeout = PT30M
-#idp.authn.proxyRestrictionsEnforced = true
-
-# Whether to populate relying party user interface information for display
-# during authentication, consent, terms-of-use.
-#idp.authn.rpui = true
-
-# Whether to prioritize "active" results when an SP requests more than
-# one possible matching login method (V2 behavior was to favor them)
-#idp.authn.favorSSO = false
-
-# Whether to fail requests when a user identity after authentication
-# doesn't match the identity in a pre-existing session.
-#idp.authn.identitySwitchIsError = false
-
-# If using IdP discovery feature, provides a discovery location to use.
-#idp.authn.discoveryURL = https://ds.example.org/shibboleth-ds/index.html
-
-# Login flow audit logging (defaults false for log compatibility)
-#idp.authn.audit.enabled = false
-
-# Revocation (administrative logout)
-#idp.authn.revocation = false
-#idp.authn.revocation.lifetime = %{idp.authn.defaultAuthnLifetime:PT12H}
-# Name of BiCondition to apply for check
-#idp.authn.revocation.Condition = shibboleth.RevocationCacheCondition
-# Set to true to treat lookup failures as being revoked.
-#idp.authn.revocation.strict = false
-# Set to true to check for address-based revocation.
-#idp.authn.revocation.addressBased = false
-# Default implementation based on a StorageService bean.
-#idp.authn.revocation.cache = shibboleth.AuthnRevocationCache
-#idp.authn.revocation.StorageService = shibboleth.StorageService
-
-
-# Properties below override specific method behavior, as an alternative
-# to defining Spring beans in XML. Refer to the documentation for a complete
-# list. Many of the properties below are mentioned only because they are
-# atypical defaults assumed for a given method.
-
-# Flow selection among multiple equivalent options can be managed with
-# the order properties, lower will be tried first.
-
-#### Password ####
-
-#idp.authn.Password.order = 1000
-#idp.authn.Password.passiveAuthenticationSupported = true
-#idp.authn.Password.forcedAuthenticationSupported = true
-# Override this and removeAfterValidation to require all validators to succeed
-#idp.authn.Password.requireAll = false
-# Override to keep the password around
-#idp.authn.Password.removeAfterValidation = true
-# Override to store password in Java Subject
-#idp.authn.Password.retainAsPrivateCredential = false
-# Simple username transforms before validation
-#idp.authn.Password.trim = true
-#idp.authn.Password.lowercase = false
-#idp.authn.Password.uppercase = false
-#idp.authn.Password.matchExpression =
-# Override default form field names
-#idp.authn.Password.usernameFieldName = j_username
-#idp.authn.Password.passwordFieldName = j_password
-#idp.authn.Password.ssoBypassFieldName = donotcache
-# Unset if using customized Principals per validator
-#idp.authn.Password.addDefaultPrincipals = true
-# The Principal collection below is the typical default if not otherwise noted.
-#idp.authn.Password.supportedPrincipals = \
-# saml2/urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport, \
-# saml2/urn:oasis:names:tc:SAML:2.0:ac:classes:Password, \
-# saml1/urn:oasis:names:tc:SAML:1.0:am:password
-# Validators are controlled in password-authn-config.xml
-
-#### Password Backends ####
-
-# See ldap.properties for LDAP authn properties
-# Kerberos settings
-#idp.authn.Krb5.refreshConfig = false
-#idp.authn.Krb5.preserveTicket = false
-# Set next two for KDC verification
-#idp.authn.Krb5.servicePrincipal =
-#idp.authn.Krb5.keytab =
-# JAAS settings
-#idp.authn.JAAS.loginConfigNames = ShibUserPassAuth
-#idp.authn.JAAS.loginConfig = %{idp.home}/conf/authn/jaas.config
-
-#### External ####
-
-#idp.authn.External.order = 1000
-#idp.authn.External.nonBrowserSupported = false
-#idp.authn.External.matchExpression =
-# Unset if you plan to return full Java Subject from external source
-#idp.authn.External.addDefaultPrincipals = true
-# Servlet context-relative path to wherever your implementation lives
-idp.authn.External.externalAuthnPath = contextRelative:external.jsp
-
-#### RemoteUser ####
-
-#idp.authn.RemoteUser.order = 1000
-#idp.authn.RemoteUser.nonBrowserSupported = false
-#idp.authn.RemoteUser.matchExpression =
-# Unset in most cases only if using the authnMethodHeader or
-# subjectAttribute settings
-#idp.authn.RemoteUser.addDefaultPrincipals = true
-#idp.authn.RemoteUser.checkRemoteUser = true
-# Comma-delimited lists of attributes or headers to pull from
-#idp.authn.RemoteUser.checkAttributes =
-#idp.authn.RemoteUser.checkHeaders =
-# Advanced settings
-#idp.authn.RemoteUser.subjectAttribute =
-#idp.authn.RemoteUser.authnMethodHeader =
-#idp.authn.RemoteUser.authnAuthorityHeader =
-
-#### RemoteUserInternal ####
-
-#idp.authn.RemoteUserInternal.order = 1000
-#idp.authn.RemoteUserInternal.nonBrowserSupported = true
-# Unset in most cases only if using the authnMethodHeader feature
-#idp.authn.RemoteUserInternal.addDefaultPrincipals = true
-#idp.authn.RemoteUserInternal.checkRemoteUser = true
-# Comma-delimited lists of attributes or headers to pull from
-#idp.authn.RemoteUserInternal.checkAttributes =
-#idp.authn.RemoteUserInternal.checkHeaders =
-# Simple transforms to apply
-#idp.authn.RemoteUserInternal.trim = true
-#idp.authn.RemoteUserInternal.lowercase = false
-#idp.authn.RemoteUserInternal.uppercase = false
-#idp.authn.RemoteUserInternal.matchExpression =
-#idp.authn.RemoteUserInternal.allowedUsernames =
-#idp.authn.RemoteUserInternal.deniedUsernames =
-
-#### SPNEGO ####
-
-#idp.authn.SPNEGO.order = 1000
-#idp.authn.SPNEGO.nonBrowserSupported = false
-#idp.authn.SPNEGO.enforceRun = false
-#idp.authn.SPNEGO.refreshKrbConfig = false
-#idp.authn.SPNEGO.matchExpression =
-idp.authn.SPNEGO.supportedPrincipals = \
- saml2/urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos, \
- saml1/urn:ietf:rfc:1510
-
-#### X509 ####
-
-#idp.authn.X509.order = 1000
-#idp.authn.X509.nonBrowserSupported = false
-#idp.authn.X509.saveCertificateToCredentialSet = true
-# Servlet context-relative path to wherever your implementation lives
-#idp.authn.X509.externalAuthnPath = contextRelative:x509-prompt.jsp
-idp.authn.X509.supportedPrincipals = \
- saml2/urn:oasis:names:tc:SAML:2.0:ac:classes:X509, \
- saml2/urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient, \
- saml1/urn:ietf:rfc:2246
-
-#### X509Internal ####
-
-#idp.authn.X509Internal.order = 1000
-#idp.authn.X509Internal.nonBrowserSupported = false
-#idp.authn.X509Internal.saveCertificateToCredentialSet = true
-idp.authn.X509Internal.supportedPrincipals = \
- saml2/urn:oasis:names:tc:SAML:2.0:ac:classes:X509, \
- saml2/urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient, \
- saml1/urn:ietf:rfc:2246
-
-#### IPAddress ####
-
-#idp.authn.IPAddress.order = 1000
-#idp.authn.IPAddress.passiveAuthenticationSupported = true
-#idp.authn.IPAddress.lifetime = PT60S
-#idp.authn.IPAddress.inactivityTimeout = PT60S
-idp.authn.IPAddress.supportedPrincipals = \
- saml2/urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol
-
-#### Function ####
-
-#idp.authn.Function.order = 1000
-#idp.authn.Function.passiveAuthenticationSupported = true
-# Unset if you plan to return full Java Subject from function
-#idp.authn.Function.addDefaultPrincipals = true
-
-#### SAML ####
-
-#idp.authn.SAML.order = 1000
-#idp.authn.SAML.nonBrowserSupported = false
-#idp.authn.SAML.passiveAuthenticationSupported = true
-#idp.authn.SAML.forcedAuthenticationSupported = true
-#idp.authn.SAML.proxyScopingEnforced = true
-# Discovery options:
-# Define shibboleth.authn.SAML.discoveryFunction bean
-# Set proxyEntityID property
-# Fall through to discovery via discoveryRequired property
-#idp.authn.SAML.proxyEntityID = https://idp.example.org/idp/shibboleth
-#idp.authn.SAML.discoveryRequired = true
-# Generally left false with bidirectional mappings in
-# conf/authn/authn-comparison.xml across the proxy boundary.
-# Adjust as needed to reflect IdP's capabilities/support.
-#idp.authn.SAML.addDefaultPrincipals = false
-#idp.authn.SAML.supportedPrincipals = \
-# saml2/urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport, \
-# saml2/urn:oasis:names:tc:SAML:2.0:ac:classes:Password, \
-# saml1/urn:oasis:names:tc:SAML:1.0:am:password
-
-#### MFA ####
-
-#idp.authn.MFA.order = 1000
-#idp.authn.MFA.passiveAuthenticationSupported = true
-#idp.authn.MFA.forcedAuthenticationSupported = true
-#idp.authn.MFA.validateLoginTransitions = true
-# Defaults to set AuthnInstant based on oldest component result
-#idp.authn.MFA.useLatestTimestamp = false
-# The list below almost certainly requires changes, and should generally be the
-# union of any of the separate factors you combine in your particular MFA flow
-# rules. The example corresponds to the example in mfa-authn-config.xml that
-# combines IPAddress with Password.
-idp.authn.MFA.supportedPrincipals = \
- saml2/urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol, \
- saml2/urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport, \
- saml2/urn:oasis:names:tc:SAML:2.0:ac:classes:Password, \
- saml1/urn:oasis:names:tc:SAML:1.0:am:password
-# Most actual setup via mfa-authn-config.xml
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/authn/password-authn-config.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/authn/password-authn-config.xml
deleted file mode 100644
index dc10fa1..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/authn/password-authn-config.xml
+++ /dev/null
@@ -1,105 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:util="http://www.springframework.org/schema/util"
- xmlns:p="http://www.springframework.org/schema/p"
- xmlns:c="http://www.springframework.org/schema/c"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
- http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-
- default-init-method="initialize"
- default-destroy-method="destroy">
-
- <!--
- Ordered list of CredentialValidators to apply to a request.
-
- The four supplied variants are shown below; the HTPasswd option
- is an OOB default for demo account purposes, and you will
- want to remove it after initial install and testing.
- -->
- <util:list id="shibboleth.authn.Password.Validators">
- <ref bean="shibboleth.LDAPValidator" />
- <!-- <ref bean="shibboleth.KerberosValidator" /> -->
- <!-- <ref bean="shibboleth.JAASValidator" /> -->
- <!-- <bean parent="shibboleth.HTPasswdValidator" p:resource="%{idp.home}/credentials/demo.htpasswd" /> -->
- </util:list>
-
- <!-- Apply any regular expression replacement pairs to username before validation. -->
- <util:list id="shibboleth.authn.Password.Transforms">
- <!--
- <bean parent="shibboleth.Pair" p:first="^(.+)@example\.org$" p:second="$1" />
- -->
- </util:list>
-
- <!-- Uncomment to configure account lockout backed by in-memory storage. -->
- <!--
- <bean id="shibboleth.authn.Password.AccountLockoutManager"
- parent="shibboleth.StorageBackedAccountLockoutManager"
- p:maxAttempts="5"
- p:counterInterval="PT5M"
- p:lockoutDuration="PT5M"
- p:extendLockoutDuration="false" />
- -->
-
- <!--
- Define entries here to map error messages detected by validation actions and classify them as particular
- kinds of errors for use in your templates and as events in flows.
-
- Keys are events to signal, values are error codes.
- -->
- <util:map id="shibboleth.authn.Password.ClassifiedMessageMap">
- <entry key="UnknownUsername">
- <list>
- <value>NoCredentials</value>
- <value>CLIENT_NOT_FOUND</value>
- <value>Client not found</value>
- <value>Cannot get kdc for realm</value>
- <value>Client not found in Kerberos database</value>
- <value>DN_RESOLUTION_FAILURE</value>
- <value>Cannot authenticate dn, invalid dn</value>
- <value>Cannot authenticate dn, invalid credential</value>
- <value>AcceptSecurityContext error, data 525</value>
- </list>
- </entry>
- <entry key="InvalidPassword">
- <list>
- <value>InvalidCredentials</value>
- <value>PREAUTH_FAILED</value>
- <value>INVALID_CREDENTIALS</value>
- <value>Checksum failed</value>
- <value>Integrity check on decrypted field failed</value>
- <value>Pre-authentication information was invalid</value>
- <value>Key bytes cannot be null</value>
- <value>AcceptSecurityContext error, data 52e</value>
- </list>
- </entry>
- <entry key="AccountLocked">
- <list>
- <value>Clients credentials have been revoked</value>
- <value>AcceptSecurityContext error, data 775</value>
- </list>
- </entry>
- <entry key="AccountDisabled">
- <list>
- <value>AcceptSecurityContext error, data 533</value>
- </list>
- </entry>
- <entry key="ExpiredPassword">
- <list>
- <value>PASSWORD_EXPIRED</value>
- <value>CLIENT KEY EXPIRED</value>
- <value>AcceptSecurityContext error, data 532</value>
- <value>AcceptSecurityContext error, data 773</value>
- <value>AcceptSecurityContext error, data 701</value>
- </list>
- </entry>
- <entry key="ExpiringPassword">
- <list>
- <value>ACCOUNT_WARNING</value>
- </list>
- </entry>
- </util:map>
-
-</beans>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/c14n/subject-c14n-events-flow.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/c14n/subject-c14n-events-flow.xml
deleted file mode 100644
index c4936f3..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/c14n/subject-c14n-events-flow.xml
+++ /dev/null
@@ -1,22 +0,0 @@
-<flow xmlns="http://www.springframework.org/schema/webflow"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/webflow http://www.springframework.org/schema/webflow/spring-webflow.xsd"
- abstract="true">
-
- <!-- ADVANCED USE ONLY -->
-
- <!--
- You can ignore this file unless you are creating your own custom c14n subflows that want to
- report custom events in response to unusual error or warning conditions.
- -->
-
- <!-- Custom error events to reflect back from user-supplied c14n subflows. -->
-
- <!-- <end-state id="MyCustomEvent" /> -->
-
- <global-transitions>
- <!-- <transition on="MyCustomEvent" to="MyCustomEvent" /> -->
- <transition on="#{!'proceed'.equals(currentEvent.id)}" to="InvalidEvent" />
- </global-transitions>
-
-</flow>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/c14n/subject-c14n.properties b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/c14n/subject-c14n.properties
deleted file mode 100644
index 3811493..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/c14n/subject-c14n.properties
+++ /dev/null
@@ -1,40 +0,0 @@
-# Properties that control the behavior of post-login subject c14n flows.
-# A few more advanced settings require XML configuration, see flow-specific docs.
-
-
-# Simple username -> principal name c14n
-#idp.c14n.simple.lowercase = false
-#idp.c14n.simple.uppercase = false
-#idp.c14n.simple.trim = true
-
-
-# Attribute resolution -> principal name c14n
-#idp.c14n.attribute.lowercase = false
-#idp.c14n.attribute.uppercase = false
-#idp.c14n.attribute.trim = true
-# Lists of attributes to resolve...
-#idp.c14n.attribute.attributesToResolve =
-# and then select a principal name from
-#idp.c14n.attribute.attributeSourceIds =
-# Allows direct use of attributes via SAML proxy authn, bypasses resolver
-#idp.c14n.attribute.resolveFromSubject = false
-#idp.c14n.attribute.resolutionCondition = shibboleth.Conditions.TRUE
-
-# X.509 certificate -> principal name c14n
-#idp.c14n.x500.lowercase = false
-#idp.c14n.x500.uppercase = false
-#idp.c14n.x500.trim = true
-# Precedence is to check for a subjectAltName and then an OID RDN
-# Comma-delimited list of subjectAltName type numbers
-# (See https://tools.ietf.org/html/rfc5280#section-4.2.1.6)
-#idp.c14n.x500.subjectAltNameTypes =
-# Comma-delimited list of OIDS
-#idp.c14n.x500.objectIDs =
-
-# Proxied SAML NameID -> principal name c14n
-#idp.c14n.saml.proxy.lowercase = false
-#idp.c14n.saml.proxy.uppercase = false
-
-# NameID consumption from SAML requests
-#idp.c14n.saml.lowercase = false
-#idp.c14n.saml.uppercase = false
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/c14n/subject-c14n.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/c14n/subject-c14n.xml
deleted file mode 100644
index b354535..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/c14n/subject-c14n.xml
+++ /dev/null
@@ -1,151 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:util="http://www.springframework.org/schema/util"
- xmlns:p="http://www.springframework.org/schema/p"
- xmlns:c="http://www.springframework.org/schema/c"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
- http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-
- default-init-method="initialize"
- default-destroy-method="destroy">
-
- <!-- ========================= Java Subject -> Principal Mapping ========================= -->
-
- <!--
- These are lists of Subject Canonicalization flows that turn complex Subject data into a string-based
- principal name that the rest of the IdP can operate on. They're used primarily after authentication
- and also during less common operations like SAML attribute queries, to map the SAML Subject into a
- principal name.
-
- Flows are identified with an ID that corresponds to a Spring Web Flow subflow name.
-
- Most of the simple settings that configure these flows are in subject-c14n.properties.
- -->
-
- <!--
- ====================================================================
- Flows used after authentication to produce canonical principal name.
- ====================================================================
- -->
- <util:list id="shibboleth.PostLoginSubjectCanonicalizationFlows">
- <!--
- This is an advanced post-login step that performs attribute resolution and then produces a username
- from an attribute value. To enable universally, just uncomment, but if you want it to run under more
- specific conditions, set an activationCondition property to a condition to apply.
- -->
- <!-- <bean id="c14n/attribute" parent="shibboleth.PostLoginSubjectCanonicalizationFlow" /> -->
-
- <!--
- This is an advanced option for use with SAML 2 proxy authentication to a second IdP that
- derives the principal name semi-directly from the incoming NameID value. It is functionally
- akin to the c14n/SAML2Transform flow for SAML Request scenarios, but separately defined so
- a suitably restrictive format list and/or condition can be applied to it.
- -->
- <!-- <ref bean="c14n/SAML2ProxyTransform" /> -->
-
- <!--
- This is an alternative that handles Subjects containing an X500Principal object and
- allows extraction from the DN.
- -->
- <ref bean="c14n/x500" />
-
- <!--
- This is the standard post-login step that returns a username derived from the login process. If you
- have more complex needs such as mapping a certificate DN into a principal name, an alternative may
- be required such as that above, but you can use this for simple transforms.
- -->
- <ref bean="c14n/simple" />
- </util:list>
-
- <!-- What SAML NameID formats do you want to support direct transformations for while proxying? -->
- <util:list id="shibboleth.ProxyNameTransformFormats">
- <value>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</value>
- <value>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</value>
- <value>urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</value>
- <value>urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName</value>
- <value>urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos</value>
- </util:list>
-
- <!--
- Under what conditions should direct NameID mapping during proxying be allowed? By default, never.
- Any condition can be used here; the example is suitable for enumerating a number of IdPs to allow.
- -->
- <bean id="shibboleth.ProxyNameTransformPredicate" parent="shibboleth.Conditions.ProxyAuthentication">
- <constructor-arg name="collection">
- <list>
- <!-- <value>https://idp-proxy.example.org</value> -->
- </list>
- </constructor-arg>
- </bean>
-
- <!--
- Regular expression transforms to apply to incoming proxied subject names. The default empty list just
- echoes the name through unmodified.
- -->
- <util:list id="shibboleth.ProxyNameTransforms">
- <!--
- <bean parent="shibboleth.Pair" p:first="^(.+)@example\.org$" p:second="$1" />
- -->
- </util:list>
-
-
- <!--
- =======================================================================
- Flows used during SAML requests to reverse-map NameIdentifiers/NameIDs.
- Below the list are some settings that might be useful to adjust.
- =======================================================================
- -->
- <util:list id="shibboleth.SAMLSubjectCanonicalizationFlows">
-
- <!-- The next four are for handling transient IDs (in-storage and stateless variants). -->
- <ref bean="c14n/SAML2Transient" />
- <ref bean="c14n/SAML2CryptoTransient" />
- <ref bean="c14n/SAML1Transient" />
- <ref bean="c14n/SAML1CryptoTransient" />
-
- <!-- Handle a SAML 2 persistent ID, provided a stored strategy is in use. -->
- <!-- <ref bean="c14n/SAML2Persistent" /> -->
-
- <!--
- Finally we have beans for decoding arbitrary SAML formats directly. By default, these are turned off,
- having *no* circumstances for which they apply (see shibboleth.TransformNamePredicate below).
- -->
- <ref bean="c14n/SAML2Transform" />
- <ref bean="c14n/SAML1Transform" />
- </util:list>
-
- <!-- What SAML NameID formats do you want to support direct transformations for? -->
- <util:list id="shibboleth.NameTransformFormats">
- <value>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</value>
- <value>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</value>
- <value>urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</value>
- <value>urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName</value>
- <value>urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos</value>
- </util:list>
-
- <!--
- Under what conditions should direct NameID mapping be allowed? By default, never.
- Any condition can be used here; the example is suitable for enumerating a number of SPs to allow.
- -->
- <bean id="shibboleth.NameTransformPredicate" parent="shibboleth.Conditions.RelyingPartyId">
- <constructor-arg name="candidates">
- <list>
- <!-- <value>https://sp.example.org</value> -->
- </list>
- </constructor-arg>
- </bean>
-
- <!--
- Regular expression transforms to apply to incoming subject names. The default empty list just
- echoes the name through unmodified.
- -->
- <util:list id="shibboleth.NameTransforms">
- <!--
- <bean parent="shibboleth.Pair" p:first="^(.+)@example\.org$" p:second="$1" />
- -->
- </util:list>
-
-</beans>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/errors.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/errors.xml
deleted file mode 100644
index 8d629ab..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/errors.xml
+++ /dev/null
@@ -1,127 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:util="http://www.springframework.org/schema/util" xmlns:p="http://www.springframework.org/schema/p"
- xmlns:c="http://www.springframework.org/schema/c" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
- http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-
- default-init-method="initialize"
- default-destroy-method="destroy">
-
- <bean id="shibboleth.DefaultErrorView" class="java.lang.String" c:_0="%{idp.errors.defaultView:error}" />
-
- <!-- Map local events to alternate view templates. -->
- <util:map id="shibboleth.EventViewMap">
- <!-- <entry key="EventToChange" value="viewname" /> -->
- </util:map>
-
- <!--
- Map of events to trap and handle with local views, without returning to SPs.
- The map values are flags indicating whether to write an audit log record.
- -->
- <util:map id="shibboleth.LocalEventMap">
- <entry key="ContextCheckDenied" value="true" />
- <entry key="ImpersonationViolation" value="true" />
- <entry key="AttributeReleaseRejected" value="true" />
- <entry key="TermsRejected" value="true" />
- <entry key="EndpointResolutionFailed" value="true" />
- <entry key="MessageAuthenticationError" value="true" />
- <entry key="RuntimeException" value="false" />
- <entry key="InvalidEvent" value="false" />
- <entry key="InvalidCSRFToken" value="false" />
- <!--
- <entry key="IdentitySwitch" value="false" />
- <entry key="NoPotentialFlow" value="false" />
- -->
- </util:map>
-
- <!-- Mappings of error events during requests to SAML status codes and SOAP fault codes. -->
-
- <util:map id="shibboleth.SAML1StatusMappings">
- <entry key="InvalidMessageVersion" value-ref="shibboleth.SAML1Status.VersionMismatch" />
-
- <entry key="UnableToDecode" value-ref="shibboleth.SAML1Status.Requester" />
-
- <entry key="UnableToEncode" value-ref="shibboleth.SAML1Status.Requester" />
-
- <entry key="MessageReplay" value-ref="shibboleth.SAML1Status.Requester" />
- <entry key="MessageExpired" value-ref="shibboleth.SAML1Status.Requester" />
- <entry key="MessageAuthenticationError" value-ref="shibboleth.SAML1Status.Requester" />
-
- <entry key="RequestUnsupported" value-ref="shibboleth.SAML1Status.Requester" />
-
- <entry key="NoPassive" value-ref="shibboleth.SAML1Status.Requester" />
- <entry key="NoPotentialFlow" value-ref="shibboleth.SAML1Status.Requester" />
- <entry key="NoCredentials" value-ref="shibboleth.SAML1Status.Requester" />
- <entry key="InvalidCredentials" value-ref="shibboleth.SAML1Status.Requester" />
- <entry key="AccountError" value-ref="shibboleth.SAML1Status.Requester" />
- <entry key="IdentitySwitch" value-ref="shibboleth.SAML1Status.Requester" />
- <entry key="AuthenticationException" value-ref="shibboleth.SAML1Status.Requester" />
-
- <entry key="InvalidSubject" value-ref="shibboleth.SAML1Status.Requester" />
- <entry key="SubjectCanonicalizationError" value-ref="shibboleth.SAML1Status.Requester" />
- </util:map>
-
- <util:map id="shibboleth.SAML2StatusMappings">
- <entry key="InvalidMessageVersion" value-ref="shibboleth.SAML2Status.VersionMismatch" />
-
- <entry key="UnableToDecode" value-ref="shibboleth.SAML2Status.RequestUnsupported" />
-
- <entry key="UnableToEncode" value-ref="shibboleth.SAML2Status.UnsupportedBinding" />
-
- <entry key="AccessDenied" value-ref="shibboleth.SAML2Status.RequestDenied" />
- <entry key="MessageReplay" value-ref="shibboleth.SAML2Status.RequestDenied" />
- <entry key="MessageExpired" value-ref="shibboleth.SAML2Status.RequestDenied" />
- <entry key="MessageAuthenticationError" value-ref="shibboleth.SAML2Status.RequestDenied" />
-
- <entry key="RequestUnsupported" value-ref="shibboleth.SAML2Status.NoAuthnContext" />
-
- <entry key="NoPassive" value-ref="shibboleth.SAML2Status.NoPassive" />
-
- <entry key="NoPotentialFlow" value-ref="shibboleth.SAML2Status.AuthnFailed" />
- <entry key="NoCredentials" value-ref="shibboleth.SAML2Status.AuthnFailed" />
- <entry key="InvalidCredentials" value-ref="shibboleth.SAML2Status.AuthnFailed" />
- <entry key="AccountError" value-ref="shibboleth.SAML2Status.AuthnFailed" />
- <entry key="IdentitySwitch" value-ref="shibboleth.SAML2Status.AuthnFailed" />
- <entry key="AuthenticationException" value-ref="shibboleth.SAML2Status.AuthnFailed" />
-
- <entry key="InvalidSubject" value-ref="shibboleth.SAML2Status.UnknownPrincipal" />
- <entry key="SubjectCanonicalizationError" value-ref="shibboleth.SAML2Status.UnknownPrincipal" />
- <entry key="SessionNotFound" value-ref="shibboleth.SAML2Status.UnknownPrincipal" />
-
- <entry key="InvalidNameIDPolicy" value-ref="shibboleth.SAML2Status.InvalidNameIDPolicy" />
- <entry key="ProxyCountExceeded" value-ref="shibboleth.SAML2Status.ProxyCountExceeded" />
-
- <entry key="ChannelBindingsError" value-ref="shibboleth.SAML2Status.ChannelBindingsError" />
- </util:map>
-
- <util:map id="shibboleth.SOAPFaultCodeMappings">
- <entry key="InvalidMessageVersion" value-ref="shibboleth.SOAP.VersionMismatch" />
-
- <entry key="UnableToDecode" value-ref="shibboleth.SOAP.Client" />
-
- <entry key="MessageReplay" value-ref="shibboleth.SOAP.Client" />
- <entry key="MessageExpired" value-ref="shibboleth.SOAP.Client" />
- <entry key="MessageAuthenticationError" value-ref="shibboleth.SOAP.Client" />
-
- <entry key="RequestUnsupported" value-ref="shibboleth.SOAP.Client" />
-
- <entry key="NoPassive" value-ref="shibboleth.SOAP.Client" />
-
- <entry key="NoPotentialFlow" value-ref="shibboleth.SOAP.Client" />
- <entry key="NoCredentials" value-ref="shibboleth.SOAP.Client" />
- <entry key="InvalidCredentials" value-ref="shibboleth.SOAP.Client" />
- <entry key="AccountError" value-ref="shibboleth.SOAP.Client" />
- <entry key="AuthenticationException" value-ref="shibboleth.SOAP.Client" />
-
- <entry key="InvalidSubject" value-ref="shibboleth.SOAP.Client" />
- <entry key="SubjectCanonicalizationError" value-ref="shibboleth.SOAP.Client" />
-
- <entry key="InvalidNameIDPolicy" value-ref="shibboleth.SOAP.Client" />
-
- <entry key="ChannelBindingsError" value-ref="shibboleth.SOAP.Client" />
- </util:map>
-
-</beans>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/examples/attribute-resolver-ldap.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/examples/attribute-resolver-ldap.xml
deleted file mode 100644
index 74b3033..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/examples/attribute-resolver-ldap.xml
+++ /dev/null
@@ -1,108 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- This file is an EXAMPLE configuration file containing some example attributes
- based on some commonly used approaches when LDAP is the principal data source.
-
- Not all attribute definitions or data connectors are demonstrated, but some
- LDAP attributes common to Shibboleth deployments (and some not so common) are
- included.
-
- This example is in no way usable as a substitute for reading the documentation.
--->
-<AttributeResolver
- xmlns="urn:mace:shibboleth:2.0:resolver"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="urn:mace:shibboleth:2.0:resolver http://shibboleth.net/schema/idp/shibboleth-attribute-resolver.xsd">
-
- <!-- ========================================== -->
- <!-- Attribute Definitions -->
- <!-- ========================================== -->
-
- <!-- Simple attributes are exported directly from the LDAP connector. -->
-
- <!-- eduPerson attributes requiring post-lookup manipulation -->
-<!--
-
- <AttributeDefinition xsi:type="Prescoped" id="eduPersonPrincipalName">
- <InputDataConnector ref="myLDAP" attributeNames="eduPersonPrincipalName"/>
- </AttributeDefinition>
-
- <AttributeDefinition xsi:type="Prescoped" id="eduPersonPrincipalNamePrior">
- <InputDataConnector ref="myLDAP" attributeNames="eduPersonPrincipalNamePrior"/>
- </AttributeDefinition>
-
- <AttributeDefinition xsi:type="Scoped" id="eduPersonScopedAffiliation" scope="%{idp.scope}">
- <InputDataConnector ref="myLDAP" attributeNames="eduPersonAffiliation"/>
- </AttributeDefinition>
--->
-
- <!-- Schema: SAML Subject ID Attributes -->
-<!--
- <AttributeDefinition xsi:type="Scoped" id="samlSubjectID" scope="%{idp.scope}">
- <InputDataConnector ref="myLDAP" attributeNames="%{idp.persistentId.sourceAttribute}"/>
- </AttributeDefinition>
-
- <AttributeDefinition xsi:type="Scoped" id="samlPairwiseID" scope="%{idp.scope}">
- <InputDataConnector ref="computed" attributeNames="computedId"/>
- </AttributeDefinition>
--->
-
- <!-- ========================================== -->
- <!-- Data Connectors -->
- <!-- ========================================== -->
-
- <!-- Example LDAP Connector -->
-
- <DataConnector id="myLDAP" xsi:type="LDAPDirectory"
- ldapURL="%{idp.attribute.resolver.LDAP.ldapURL}"
- baseDN="%{idp.attribute.resolver.LDAP.baseDN}"
- principal="%{idp.attribute.resolver.LDAP.bindDN}"
- principalCredential="%{idp.attribute.resolver.LDAP.bindDNCredential}"
- useStartTLS="%{idp.attribute.resolver.LDAP.useStartTLS:true}"
- startTLSTimeout="%{idp.attribute.resolver.LDAP.startTLSTimeout}"
- connectTimeout="%{idp.attribute.resolver.LDAP.connectTimeout}"
- trustFile="%{idp.attribute.resolver.LDAP.trustCertificates}"
- responseTimeout="%{idp.attribute.resolver.LDAP.responseTimeout}"
- connectionStrategy="%{idp.attribute.resolver.LDAP.connectionStrategy}"
- noResultIsError="true"
- multipleResultsIsError="true"
- excludeResolutionPhases="c14n/attribute"
- exportAttributes="mail displayName sn givenName departmentNumber employeeNumber eduPersonEntitlement eduPersonAssurance">
- <FilterTemplate>
- <![CDATA[
- %{idp.attribute.resolver.LDAP.searchFilter}
- ]]>
- </FilterTemplate>
- <ConnectionPool
- minPoolSize="%{idp.pool.LDAP.minSize:3}"
- maxPoolSize="%{idp.pool.LDAP.maxSize:10}"
- blockWaitTime="%{idp.pool.LDAP.blockWaitTime:PT3S}"
- validatePeriodically="%{idp.pool.LDAP.validatePeriodically:true}"
- validateTimerPeriod="%{idp.pool.LDAP.validatePeriod:PT5M}"
- validateDN="%{idp.pool.LDAP.validateDN:}"
- validateOnCheckout="%{idp.pool.LDAP.validateOnCheckout:false}"
- validateFilter="%{idp.pool.LDAP.validateFilter:(objectClass=*)}"
- prunePeriod="%{idp.pool.LDAP.prunePeriod:PT5M}"
- expirationTime="%{idp.pool.LDAP.idleTime:PT10M}"/>
- </DataConnector>
-
- <!--
- DataConnector for pairwise-id (example depends in part on saml-nameid.properties).
- Note that this relies on BASE32 encoding in accordance with the attribute definition.
- Older uses of this plugin for legacy eduPersonTargetedID/NameID values may require
- different settings.
- -->
-<!--
- <DataConnector id="computed" xsi:type="ComputedId"
- excludeResolutionPhases="c14n/attribute"
- generatedAttributeID="computedId"
- salt="%{idp.persistentId.salt}"
- algorithm="%{idp.persistentId.algorithm:SHA}"
- encoding="BASE32">
-
- <InputDataConnector ref="myLDAP" attributeNames="%{idp.persistentId.sourceAttribute}" />
-
- </DataConnector>
--->
-
-</AttributeResolver>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/examples/oidc-attribute-filter.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/examples/oidc-attribute-filter.xml
deleted file mode 100644
index cdd4293..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/examples/oidc-attribute-filter.xml
+++ /dev/null
@@ -1,168 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<AttributeFilterPolicyGroup id="ShibbolethFilterPolicy" xmlns="urn:mace:shibboleth:2.0:afp"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:oidc="urn:mace:shibboleth:2.0:afp:oidc"
- xsi:schemaLocation="urn:mace:shibboleth:2.0:afp http://shibboleth.net/schema/idp/shibboleth-afp.xsd
- urn:mace:shibboleth:2.0:afp:oidc http://shibboleth.net/schema/oidc/shibboleth-afp-oidc.xsd">
-
-
- <!--
- The convention in the rules below is to use pre-existing attributeID defaults where appropriate
- and to use OIDC claim names where no existing ID makes sense. You're free to adjust all this
- as long as the resolver and/or registry rules match.
- -->
-
- <!--
- This demonstrates how subject is set when 'openid' -scope is involved. That scope is required in
- OIDC sequences.
- -->
- <AttributeFilterPolicy id="OPENID_SCOPE">
- <PolicyRequirementRule xsi:type="oidc:OIDCScope" value="openid" />
- <!-- May adjust to taste depending on strategy used to produce sub claim. -->
- <AttributeRule attributeID="subject">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- <AttributeRule attributeID="subject-public">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- <AttributeRule attributeID="subject-pairwise">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- </AttributeFilterPolicy>
-
- <!--
- This demonstrates how subject is set with "plain" OAuth authorization sequences, i.e. when 'openid'
- scope is not involved.
- -->
- <AttributeFilterPolicy id="OAUTH_SUBJECT">
- <PolicyRequirementRule xsi:type="AND">
- <Rule xsi:type="NOT">
- <Rule xsi:type="oidc:OIDCScope" value="openid" />
- </Rule>
- <Rule xsi:type="Profile" value="http://shibboleth.net/ns/profiles/oidc/sso/browser" />
- </PolicyRequirementRule>
- <AttributeRule attributeID="subject">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- <AttributeRule attributeID="subject-public">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- <AttributeRule attributeID="subject-pairwise">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- </AttributeFilterPolicy>
-
- <!--
- This demonstrates a rule that releases email claims in response to requests having the 'email' scope.
- The requester needs to have that as a registered scope.
- -->
- <AttributeFilterPolicy id="OPENID_SCOPE_EMAIL">
- <PolicyRequirementRule xsi:type="oidc:OIDCScope" value="email" />
- <AttributeRule attributeID="mail">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- <AttributeRule attributeID="email_verified">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- </AttributeFilterPolicy>
-
- <!--
- This demonstrates a rule that releases address claim in response to requests having the 'address' scope.
- The requester needs to have that as a registered scope.
- -->
- <AttributeFilterPolicy id="OPENID_SCOPE_ADDRESS">
- <PolicyRequirementRule xsi:type="oidc:OIDCScope" value="address" />
- <AttributeRule attributeID="address">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- </AttributeFilterPolicy>
-
- <!--
- This demonstrates a rule that releases phone claims in response to requests having the 'phone' scope.
- The requester needs to have that as a registered scope.
- -->
- <AttributeFilterPolicy id="OPENID_SCOPE_PHONE">
- <PolicyRequirementRule xsi:type="oidc:OIDCScope" value="phone" />
- <AttributeRule attributeID="telephoneNumber">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- <AttributeRule attributeID="phone_number_verified">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- </AttributeFilterPolicy>
-
- <!--
- This demonstrates a rule that releases profile claims in response to requests having the 'profile' scope.
- The requester needs to have that as a registered scope.
- -->
- <AttributeFilterPolicy id="OPENID_SCOPE_PROFILE">
- <PolicyRequirementRule xsi:type="oidc:OIDCScope" value="profile" />
- <AttributeRule attributeID="displayName">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- <AttributeRule attributeID="sn">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- <AttributeRule attributeID="givenName">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- <AttributeRule attributeID="preferredLanguage">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- <AttributeRule attributeID="eduPersonNickname">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- <AttributeRule attributeID="uid">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- <AttributeRule attributeID="middle_name">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- <AttributeRule attributeID="profile">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- <AttributeRule attributeID="picture">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- <AttributeRule attributeID="website">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- <AttributeRule attributeID="gender">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- <AttributeRule attributeID="birthdate">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- <AttributeRule attributeID="zoneinfo">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- <AttributeRule attributeID="updated_at">
- <PermitValueRule xsi:type="ANY" />
- </AttributeRule>
- </AttributeFilterPolicy>
-
-
- <!-- Example rules for honoring requested claims and splitting claims between ID and UserInfo tokens. -->
-
- <AttributeFilterPolicy id="REQUESTED_CLAIMS">
- <PolicyRequirementRule xsi:type="ANY" />
- <!-- Release picture if asked. -->
- <AttributeRule attributeID="picture">
- <PermitValueRule xsi:type="oidc:AttributeInOIDCRequestedClaims" />
- </AttributeRule>
- <!-- Release email in ID token if specifically asked for in ID token. -->
- <AttributeRule attributeID="mail">
- <PermitValueRule xsi:type="oidc:AttributeInOIDCRequestedClaims" matchOnlyIDToken="true" />
- </AttributeRule>
- <!-- Release phone_number in UserInfo token if specifically asked for in UserInfo token. -->
- <AttributeRule attributeID="telephoneNumber">
- <PermitValueRule xsi:type="oidc:AttributeInOIDCRequestedClaims" matchOnlyUserInfo="true" />
- </AttributeRule>
- <!-- Release name if specifically asked for in UserInfo token and flagged as essential. -->
- <AttributeRule attributeID="displayName">
- <PermitValueRule xsi:type="oidc:AttributeInOIDCRequestedClaims" matchOnlyUserInfo="true"
- onlyIfEssential="true" />
- </AttributeRule>
- </AttributeFilterPolicy>
-
-</AttributeFilterPolicyGroup>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/examples/oidc-attribute-resolver.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/examples/oidc-attribute-resolver.xml
deleted file mode 100644
index 22a353d..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/examples/oidc-attribute-resolver.xml
+++ /dev/null
@@ -1,191 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<AttributeResolver xmlns="urn:mace:shibboleth:2.0:resolver"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:oidc="urn:mace:shibboleth:2.0:resolver:oidc"
- xsi:schemaLocation="urn:mace:shibboleth:2.0:resolver http://shibboleth.net/schema/idp/shibboleth-attribute-resolver.xsd
- urn:mace:shibboleth:2.0:resolver:oidc http://shibboleth.net/schema/oidc/shibboleth-attribute-encoder-oidc.xsd">
-
- <!--
- Some of the examples assume conf/attributes/oidc-claim-rules.xml is loaded
- into the registry service.
- -->
-
- <!--
- Exactly one attribute needs to supply the "sub" claim, but this can't be
- fully standardized. There are suggested approaches below. Using the Scoped
- definition is recommended to ensure intrinsic uniqueness.
- -->
-
- <!--
- These two examples use activation conditions and filter rules elsewhere to
- allow for different public and pairwise behavior. This is a nice strategy
- because using a "knowable" value for public sub claims is easier to support,
- and allows provisioning by out of band systems.
-
- While these examples do expose "uid" as the value for public sub claims,
- this is simply to provide a "working" out of the box example. Using something
- more stable, managed by IDM infrastructure, is the advisable approach.
- -->
- <AttributeDefinition id="subject-public" xsi:type="Scoped" scope="%{idp.scope}"
- activationConditionRef="shibboleth.oidc.Conditions.PublicRequired">
- <InputAttributeDefinition ref="uid" />
- <AttributeEncoder xsi:type="oidc:OIDCScopedString" name="sub" />
- </AttributeDefinition>
-
- <AttributeDefinition id="subject-pairwise" xsi:type="Scoped" scope="%{idp.scope}"
- activationConditionRef="shibboleth.oidc.Conditions.PairwiseRequired">
- <InputDataConnector ref="computedSubjectId" attributeNames="subjectId"/>
- <AttributeEncoder xsi:type="oidc:OIDCScopedString" name="sub" />
- </AttributeDefinition>
-
- <!--
- This example (the data connector in particular) will generate public or
- pairwise values depending on client registration. The public values will
- depend on, but not expose, an underlying value, which is again set to "uid"
- for simplicity, but this is not a good strategy unless "uid" itself is a
- stable, managed value.
- -->
- <!--
- <AttributeDefinition id="subject" xsi:type="Scoped" scope="%{idp.scope}"
- activationConditionRef="shibboleth.oidc.Conditions.SubjectRequired">
- <InputDataConnector ref="computedSubjectId" attributeNames="subjectId"/>
- <AttributeEncoder xsi:type="oidc:OIDCScopedString" name="sub" />
- </AttributeDefinition>
- -->
-
- <!--
- The EPPN is the most common federated username in higher education.
- For guidelines on the implementation of this attribute, refer to eduPerson
- and/or federation documentation. Above all, do not expose a value for this
- attribute without considering the long term implications.
- -->
- <AttributeDefinition id="eduPersonPrincipalName" xsi:type="Scoped" scope="%{idp.scope}">
- <InputAttributeDefinition ref="uid" />
- <AttributeEncoder xsi:type="oidc:OIDCScopedString" name="eppn" />
- </AttributeDefinition>
-
- <!--
- The uid is the closest thing to a "standard" LDAP attribute representing
- a local username, but you should generally *never* expose uid to federated
- services, as it is rarely globally unique. The default mapping for OIDC is
- to preferred_username, which seems suitably meaningless.
- -->
- <AttributeDefinition id="uid" xsi:type="PrincipalName" />
-
- <!-- This is just for illustrative purposes given that the connector is static. -->
- <AttributeDefinition id="mail" xsi:type="Template">
- <InputAttributeDefinition ref="uid" />
- <Template><![CDATA[
- ${uid}@%{idp.scope}
- ]]></Template>
- </AttributeDefinition>
-
- <!--
- Start of static attributes. In actual deployment you would use a real source
- for most of these attributes/claims.
- -->
-
- <AttributeDefinition id="eduPersonScopedAffiliation" xsi:type="Scoped" scope="%{idp.scope}">
- <InputDataConnector ref="staticAttributes" attributeNames="affiliation" />
- </AttributeDefinition>
-
- <!--
- This demonstrates a complex claim constructed by forming a JSON structure.
- The default transcoding rule for the address claim expects such a structure.
- -->
- <AttributeDefinition id="address" xsi:type="Template">
- <InputDataConnector ref="staticAttributes" attributeNames="street_address locality region postal_code country"/>
- <Template><![CDATA[
- {"street_address":"${street_address}", "locality":"${locality}","region":"${region}","postal_code":"${postal_code}","country":"${country}" }
- ]]></Template>
- </AttributeDefinition>
-
- <!--
- Data Connector for generating 'sub' claim. It may be used to generate both
- public and pairwise subject values because it recognizes the OIDC sector_id
- if used during client registration.
- -->
- <DataConnector id="computedSubjectId" xsi:type="ComputedId"
- generatedAttributeID="subjectId"
- salt="%{idp.oidc.subject.salt}"
- algorithm="%{idp.oidc.subject.algorithm:SHA}"
- encoding="BASE32">
- <InputAttributeDefinition ref="%{idp.oidc.subject.sourceAttribute}"/>
- </DataConnector>
-
- <!--
- Static example to populate default claims. Most of these are directly exposed and
- handled by the default set of transcoding rules provided for optional inclusion.
- -->
- <DataConnector id="staticAttributes" xsi:type="Static"
- exportAttributes="telephoneNumber phone_number_verified email_verified displayName sn givenName middle_name eduPersonNickname profile picture website gender birthdate zoneinfo preferredLanguage updated_at">
- <Attribute id="affiliation">
- <Value>member</Value>
- <Value>staff</Value>
- </Attribute>
- <Attribute id="telephoneNumber">
- <Value>+1 (604) 555-1234;ext=5678</Value>
- </Attribute>
- <Attribute id="phone_number_verified">
- <Value>true</Value>
- </Attribute>
- <Attribute id="email_verified">
- <Value>false</Value>
- </Attribute>
- <Attribute id="displayName">
- <Value>Mr.Teppo Matias Testaaja</Value>
- </Attribute>
- <Attribute id="sn">
- <Value>Testaaja</Value>
- </Attribute>
- <Attribute id="givenName">
- <Value>Teppo Matias</Value>
- </Attribute>
- <Attribute id="middle_name">
- <Value>Matias</Value>
- </Attribute>
- <Attribute id="eduPersonNickname">
- <Value>TT</Value>
- </Attribute>
- <Attribute id="profile">
- <Value>https://fi.wikipedia.org/wiki/Tom_Cruise</Value>
- </Attribute>
- <Attribute id="picture">
- <Value>https://pixabay.com/fi/pentu-kissa-kukka-potin-tabby-pentu-2766820/</Value>
- </Attribute>
- <Attribute id="website">
- <Value>https://www.facebook.com/officialtomcruise/</Value>
- </Attribute>
- <Attribute id="gender">
- <Value>male</Value>
- </Attribute>
- <Attribute id="birthdate">
- <Value>1969-07-20</Value>
- </Attribute>
- <Attribute id="zoneinfo">
- <Value>America/Los_Angeles</Value>
- </Attribute>
- <Attribute id="preferredLanguage">
- <Value>en-US</Value>
- </Attribute>
- <Attribute id="updated_at">
- <Value>1509450347</Value>
- </Attribute>
- <Attribute id="street_address">
- <Value>234 Hollywood Blvd.</Value>
- </Attribute>
- <Attribute id="locality">
- <Value>Los Angeles</Value>
- </Attribute>
- <Attribute id="region">
- <Value>CA</Value>
- </Attribute>
- <Attribute id="postal_code">
- <Value>90210</Value>
- </Attribute>
- <Attribute id="country">
- <Value>US</Value>
- </Attribute>
- </DataConnector>
-
-</AttributeResolver>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/global.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/global.xml
deleted file mode 100644
index 0bfa7bc..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/global.xml
+++ /dev/null
@@ -1,55 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:util="http://www.springframework.org/schema/util"
- xmlns:p="http://www.springframework.org/schema/p"
- xmlns:c="http://www.springframework.org/schema/c"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
- http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-
- default-init-method="initialize"
- default-destroy-method="destroy">
-
- <!-- Use this file to define any custom beans needed globally. -->
-
- <!--
- Algorithm include/exclude sets that override or merge with library defaults. Normally you can leave these
- empty or commented and use the system defaults, but you can override those defaults using these beans.
- Each <value> element is an algorithm URI; you can also use <util:constant> elements in place of literal values.
- -->
-
- <!--
- <util:set id="shibboleth.IncludedSignatureAlgorithms">
- </util:set>
-
- <util:set id="shibboleth.ExcludedSignatureAlgorithms">
- </util:set>
-
- <util:set id="shibboleth.IncludedEncryptionAlgorithms">
- </util:set>
-
- <util:set id="shibboleth.ExcludedEncryptionAlgorithms">
- </util:set>
- -->
-
- <!--
- If you need to define and inject custom Java object(s) into the various views used throughout the
- system (errors, login, logout, etc.), you can uncomment and define the bean below to be of any
- type required. It will appear in the view scope as a variable named "custom".
-
- The example below defines the bean as a map, which allows you to inject multiple objects under
- named keys to expand the feature to support multiple injected objects.
-
- You MUST NOT change the bean(s) referenced in this way, they should be treated as read-only from
- within views.
- -->
-
- <!--
- <util:map id="shibboleth.CustomViewContext">
- <entry key="foo" value="bar"/>
- </util:map>
- -->
-
-</beans>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/intercept/intercept-events-flow.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/intercept/intercept-events-flow.xml
deleted file mode 100644
index 6214e80..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/intercept/intercept-events-flow.xml
+++ /dev/null
@@ -1,20 +0,0 @@
-<flow xmlns="http://www.springframework.org/schema/webflow"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/webflow http://www.springframework.org/schema/webflow/spring-webflow.xsd"
- abstract="true">
-
- <!-- ADVANCED USE ONLY -->
-
- <!--
- You can ignore this file unless you are creating your own custom intercept subflows that want to
- report custom events in response to unusual conditions.
- -->
-
- <!-- <end-state id="MyCustomEvent" /> -->
-
- <global-transitions>
- <!-- <transition on="MyCustomEvent" to="MyCustomEvent" /> -->
- <transition on="#{!'proceed'.equals(currentEvent.id)}" to="InvalidEvent" />
- </global-transitions>
-
-</flow>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/ldap.properties b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/ldap.properties
index f0bfc65..97e20b5 100644
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/ldap.properties
+++ b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/ldap.properties
@@ -5,7 +5,7 @@
idp.authn.LDAP.authenticator = bindSearchAuthenticator
## Connection properties ##
-idp.authn.LDAP.ldapURL = ldaps://directory
+idp.authn.LDAP.ldapURL = ldap://directory
idp.authn.LDAP.useStartTLS = false
# Time to wait for startTLS responses
#idp.authn.LDAP.startTLSTimeout = PT3S
@@ -17,11 +17,11 @@ idp.authn.LDAP.useStartTLS = false
#idp.authn.LDAP.connectionStrategy = ACTIVE_PASSIVE
## SSL configuration, either jvmTrust, certificateTrust, or keyStoreTrust
-idp.authn.LDAP.sslConfig = certificateTrust
+#idp.authn.LDAP.sslConfig = certificateTrust
## If using certificateTrust above, set to the trusted certificate's path
-idp.authn.LDAP.trustCertificates = %{idp.home}/credentials/ldap-server.crt
+#idp.authn.LDAP.trustCertificates = %{idp.home}/credentials/ldap-server.crt
## If using keyStoreTrust above, set to the truststore path
-idp.authn.LDAP.trustStore = %{idp.home}/credentials/ldap-server.truststore
+#idp.authn.LDAP.trustStore = %{idp.home}/credentials/ldap-server.truststore
## Return attributes during authentication
idp.authn.LDAP.returnAttributes = passwordExpirationTime,loginGraceRemaining
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/logback.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/logback.xml
deleted file mode 100644
index ffff922..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/logback.xml
+++ /dev/null
@@ -1,226 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<configuration>
-
- <!--
- Variables for simplifying logging configuration.
- http://logback.qos.ch/manual/configuration.html#variableSubstitution
- -->
-
- <!--
- If you want to use custom properties in this config file,
- we load the main property file for you.
- -->
- <variable file="${idp.home}/conf/idp.properties" />
-
- <!-- Location and retention. -->
-
- <variable name="idp.logfiles" value="${idp.logfiles:-${idp.home}/logs}" />
- <variable name="idp.loghistory" value="${idp.loghistory:-180}" />
-
- <!-- Much higher performance if you operate on DEBUG. -->
- <!-- <variable name="idp.process.appender" value="ASYNC_PROCESS" /> -->
-
- <!-- Logging level shortcuts. -->
- <variable name="idp.loglevel.idp" value="${idp.loglevel.idp:-INFO}" />
- <variable name="idp.loglevel.ldap" value="${idp.loglevel.ldap:-WARN}" />
- <variable name="idp.loglevel.messages" value="${idp.loglevel.messages:-INFO}" />
- <variable name="idp.loglevel.encryption" value="${idp.loglevel.encryption:-INFO}" />
- <variable name="idp.loglevel.opensaml" value="${idp.loglevel.opensaml:-INFO}" />
- <variable name="idp.loglevel.props" value="${idp.loglevel.props:-INFO}" />
- <variable name="idp.loglevel.httpclient" value="${idp.loglevel.httpclient:-INFO}" />
-
- <!-- Don't turn these up unless you want a *lot* of noise. -->
- <variable name="idp.loglevel.spring" value="${idp.loglevel.spring:-ERROR}" />
- <variable name="idp.loglevel.container" value="${idp.loglevel.container:-ERROR}" />
- <variable name="idp.loglevel.xmlsec" value="${idp.loglevel.xmlsec:-INFO}" />
-
- <!-- =========================================================== -->
- <!-- ============== Logging Categories and Levels ============== -->
- <!-- =========================================================== -->
-
- <!-- Logs IdP, but not OpenSAML, messages -->
- <logger name="net.shibboleth.idp" level="${idp.loglevel.idp}"/>
-
- <!-- Logs OpenSAML, but not IdP, messages -->
- <logger name="org.opensaml.saml" level="${idp.loglevel.opensaml}"/>
-
- <!-- Logs LDAP related messages -->
- <logger name="org.ldaptive" level="${idp.loglevel.ldap}"/>
-
- <!-- Logs embedded HTTP client messages -->
- <logger name="org.apache.hc" level="${idp.loglevel.httpclient}"/>
-
- <!-- Logs inbound and outbound protocols messages at DEBUG level -->
- <logger name="PROTOCOL_MESSAGE" level="${idp.loglevel.messages}" />
-
- <!-- Logs unencrypted SAML at DEBUG level -->
- <logger name="org.opensaml.saml.saml2.encryption.Encrypter" level="${idp.loglevel.encryption}" />
- <logger name="org.opensaml.saml.saml2.encryption.Decrypter" level="${idp.loglevel.encryption}" />
-
- <!-- Logs system properties during startup at DEBUG level -->
- <logger name="net.shibboleth.idp.admin.impl.LogImplementationDetails" level="${idp.loglevel.props}" />
-
- <!-- Especially chatty. -->
- <logger name="org.apache.xml.security" level="${idp.loglevel.xmlsec}" />
- <logger name="org.springframework" level="${idp.loglevel.spring}"/>
- <logger name="org.apache.catalina" level="${idp.loglevel.container}"/>
- <logger name="org.eclipse.jetty" level="${idp.loglevel.container}"/>
-
-
- <!-- =========================================================== -->
- <!-- ============== Low Level Details or Changes =============== -->
- <!-- =========================================================== -->
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <!-- encoders are assigned the type
- ch.qos.logback.classic.encoder.PatternLayoutEncoder by default -->
- <encoder>
- <pattern>%-4relative [%thread] %-5level %logger{35} -%kvp- %msg %n</pattern>
- </encoder>
- </appender>
-
- <!-- Process log. -->
- <appender name="IDP_PROCESS" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <File>${idp.logfiles}/idp-process.log</File>
-
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${idp.logfiles}/idp-process-%d{yyyy-MM-dd}.log.gz</fileNamePattern>
- <maxHistory>${idp.loghistory}</maxHistory>
- </rollingPolicy>
-
- <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
- <charset>UTF-8</charset>
- <Pattern>%date{ISO8601} - %mdc{idp.remote_addr} - %level [%logger:%line] - %msg%n%ex{short}</Pattern>
- </encoder>
-
- <!-- Ignore Velocity status page error. -->
- <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
- <evaluator>
- <matcher>
- <Name>VelocityStatusMatcher</Name>
- <regex>ResourceManager\s*: unable to find resource 'status\.vm' in any resource loader\.</regex>
- </matcher>
- <expression>VelocityStatusMatcher.matches(formattedMessage)</expression>
- </evaluator>
- <OnMatch>DENY</OnMatch>
- </filter>
- </appender>
-
- <appender name="ASYNC_PROCESS" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="IDP_PROCESS" />
- <discardingThreshold>0</discardingThreshold>
- </appender>
-
- <appender name="IDP_WARN" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <!-- Suppress anything below WARN. -->
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
-
- <File>${idp.logfiles}/idp-warn.log</File>
-
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${idp.logfiles}/idp-warn-%d{yyyy-MM-dd}.log.gz</fileNamePattern>
- <maxHistory>${idp.loghistory}</maxHistory>
- </rollingPolicy>
-
- <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
- <charset>UTF-8</charset>
- <Pattern>%date{ISO8601} - %mdc{idp.remote_addr} - %level [%logger:%line] - %msg%n%ex{full}</Pattern>
- </encoder>
-
- <!-- Ignore Velocity status page error. -->
- <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
- <evaluator>
- <matcher>
- <Name>VelocityStatusMatcher</Name>
- <regex>ResourceManager\s*: unable to find resource 'status\.vm' in any resource loader\.</regex>
- </matcher>
- <expression>VelocityStatusMatcher.matches(formattedMessage)</expression>
- </evaluator>
- <OnMatch>DENY</OnMatch>
- </filter>
- </appender>
-
- <!-- Audit log. -->
- <appender name="IDP_AUDIT" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <File>${idp.logfiles}/idp-audit.log</File>
-
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${idp.logfiles}/idp-audit-%d{yyyy-MM-dd}.log.gz</fileNamePattern>
- <maxHistory>${idp.loghistory}</maxHistory>
- </rollingPolicy>
-
- <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
- <charset>UTF-8</charset>
- <Pattern>%msg%n</Pattern>
- </encoder>
- </appender>
-
- <!-- Consent audit log. -->
- <appender name="IDP_CONSENT_AUDIT" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <File>${idp.logfiles}/idp-consent-audit.log</File>
-
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${idp.logfiles}/idp-consent-audit-%d{yyyy-MM-dd}.log.gz</fileNamePattern>
- <maxHistory>${idp.loghistory}</maxHistory>
- </rollingPolicy>
-
- <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
- <charset>UTF-8</charset>
- <Pattern>%msg%n</Pattern>
- </encoder>
- </appender>
-
- <!-- F-TICKS syslog destination. -->
- <appender name="IDP_FTICKS" class="ch.qos.logback.classic.net.SyslogAppender">
- <syslogHost>${idp.fticks.loghost:-localhost}</syslogHost>
- <port>${idp.fticks.logport:-514}</port>
- <facility>AUTH</facility>
- <suffixPattern>[%thread] %logger %msg</suffixPattern>
- </appender>
-
- <!-- Top level loggers. -->
-
- <logger name="Shibboleth-Audit" level="ALL">
- <appender-ref ref="${idp.audit.appender:-IDP_AUDIT}"/>
- <appender-ref ref="STDOUT" />
- </logger>
-
- <logger name="Shibboleth-FTICKS" level="ALL" additivity="false">
- <appender-ref ref="${idp.fticks.appender:-IDP_FTICKS}"/>
- </logger>
-
- <logger name="Shibboleth-Consent-Audit" level="ALL">
- <appender-ref ref="${idp.consent.appender:-IDP_CONSENT_AUDIT}"/>
- <appender-ref ref="STDOUT" />
- </logger>
-
- <root level="${idp.loglevel.root:-INFO}">
- <appender-ref ref="${idp.process.appender:-IDP_PROCESS}"/>
- <appender-ref ref="${idp.warn.appender:-IDP_WARN}" />
- <appender-ref ref="STDOUT" />
- </root>
-
- <!-- Example routing Password flow auditing to separate location (extend to other flows as needed). -->
-
- <!--
- <appender name="IDP_PASSWORD_AUDIT" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <File>${idp.logfiles}/idp-password-audit.log</File>
-
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${idp.logfiles}/idp-password-audit-%d{yyyy-MM-dd}.log.gz</fileNamePattern>
- <maxHistory>${idp.loghistory}</maxHistory>
- </rollingPolicy>
-
- <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
- <charset>UTF-8</charset>
- <Pattern>%msg%n</Pattern>
- </encoder>
- </appender>
-
- <logger name="Shibboleth-Audit.Password" level="ALL" additivity="false">
- <appender-ref ref="IDP_PASSWORD_AUDIT"/>
- </logger>
- -->
-
-</configuration>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/saml-nameid.properties b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/saml-nameid.properties
deleted file mode 100644
index 08b66c5..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/saml-nameid.properties
+++ /dev/null
@@ -1,31 +0,0 @@
-# Properties involving SAML NameIdentifier/NameID generation/consumption
-
-# For the most part these settings only deal with "transient" and "persistent"
-# identifiers. See saml-nameid.xml and c14n/subject-c14n.xml for advanced
-# settings
-
-# Default NameID Formats to use when nothing else is called for.
-# Don't change these just to change the Format used for a single SP!
-#idp.nameid.saml2.default = urn:oasis:names:tc:SAML:2.0:nameid-format:transient
-#idp.nameid.saml1.default = urn:mace:shibboleth:1.0:nameIdentifier
-
-# Set to shibboleth.StoredTransientIdGenerator for server-side transient ID storage
-#idp.transientId.generator = shibboleth.CryptoTransientIdGenerator
-
-# Persistent IDs can be computed on the fly with a hash, or managed in a database
-
-# For computed IDs, set a source attribute, and a secret salt in secrets.properties
-#idp.persistentId.sourceAttribute = changethistosomethingreal
-#idp.persistentId.useUnfilteredAttributes = true
-#idp.persistentId.algorithm = SHA
-# BASE64 will match V2 values, we recommend BASE32 encoding for new installs.
-idp.persistentId.encoding = BASE32
-
-# To use a database, use shibboleth.StoredPersistentIdGenerator
-#idp.persistentId.generator = shibboleth.ComputedPersistentIdGenerator
-# For basic use, set this to a JDBC DataSource bean name:
-#idp.persistentId.dataSource = PersistentIdDataSource
-# Controls which JDBC error codes are treated as retryable
-#idp.persistentId.retryableErrors = 23000,23505
-# Set to an empty property to skip hash-based generation of first stored ID
-#idp.persistentId.computed = shibboleth.ComputedPersistentIdGenerator
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/saml-nameid.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/saml-nameid.xml
deleted file mode 100644
index 7d82cf5..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/saml-nameid.xml
+++ /dev/null
@@ -1,64 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:util="http://www.springframework.org/schema/util"
- xmlns:p="http://www.springframework.org/schema/p"
- xmlns:c="http://www.springframework.org/schema/c"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
- http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-
- default-init-method="initialize"
- default-destroy-method="destroy">
-
- <!-- ========================= SAML NameID Generation ========================= -->
-
- <!--
- These generator lists handle NameID/Nameidentifier generation going forward. By default,
- transient IDs for both SAML versions are enabled. The commented examples are for persistent IDs
- and generating more one-off formats based on resolved attributes. The suggested approach is to
- control their use via release of the underlying source attribute in the filter policy rather
- than here, but you can set a property on any generator called "activationCondition" to limit
- use in the most generic way.
-
- Most of the relevant configuration settings are controlled using properties; an exception is
- the generation of arbitrary/custom formats based on attribute information, examples of which
- are shown below.
-
- -->
-
- <!-- SAML 2 NameID Generation -->
- <util:list id="shibboleth.SAML2NameIDGenerators">
-
- <ref bean="shibboleth.SAML2TransientGenerator" />
-
- <!-- Uncommenting this bean requires configuration in saml-nameid.properties. -->
- <!--
- <ref bean="shibboleth.SAML2PersistentGenerator" />
- -->
-
- <!--
- <bean parent="shibboleth.SAML2AttributeSourcedGenerator"
- p:omitQualifiers="true"
- p:format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
- p:attributeSourceIds="#{ {'mail'} }" />
- -->
-
- </util:list>
-
- <!-- SAML 1 NameIdentifier Generation -->
- <util:list id="shibboleth.SAML1NameIdentifierGenerators">
-
- <ref bean="shibboleth.SAML1TransientGenerator" />
-
- <!--
- <bean parent="shibboleth.SAML1AttributeSourcedGenerator"
- p:omitQualifiers="true"
- p:format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
- p:attributeSourceIds="#{ {'mail'} }" />
- -->
-
- </util:list>
-
-</beans>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/services.properties b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/services.properties
deleted file mode 100644
index 6e507a2..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/services.properties
+++ /dev/null
@@ -1,72 +0,0 @@
-# Configure the resources to load for various services,
-# and the settings for failure handling and auto-reload.
-
-# failFast=true prevents IdP startup if a configuration is bad
-# checkInterval = PT0S means never reload (this is the default)
-
-# Global default for fail-fast behavior of most subsystems
-# with individual override possible below.
-#idp.service.failFast = false
-
-#idp.service.logging.resource = %{idp.home}/conf/logback.xml
-#idp.service.logging.failFast = true
-idp.service.logging.checkInterval = PT5M
-
-#idp.service.relyingparty.resources = shibboleth.RelyingPartyResolverResources
-#idp.service.relyingparty.failFast = false
-idp.service.relyingparty.checkInterval = PT15M
-# See MetadataDrivenConfiguration wiki topic for details
-idp.service.relyingparty.ignoreUnmappedEntityAttributes=true
-
-#idp.service.metadata.resources = shibboleth.MetadataResolverResources
-#idp.service.metadata.failFast = false
-#idp.service.metadata.checkInterval = PT0S
-# Set to false if not using ByReference MetadataFilters for a small perf gain
-#idp.service.metadata.enableByReferenceFilters = true
-
-#idp.service.attribute.registry.resources = shibboleth.AttributeRegistryResources
-#idp.service.attribute.registry.failFast = false
-idp.service.attribute.registry.checkInterval = PT15M
-# Default control of whether to encode XML attribute data with xsi:type
-idp.service.attribute.registry.encodeType = false
-
-#idp.service.attribute.resolver.resources = shibboleth.AttributeResolverResources
-#idp.service.attribute.resolver.failFast = false
-idp.service.attribute.resolver.checkInterval = PT15M
-#idp.service.attribute.resolver.maskFailures = true
-#idp.service.attribute.resolver.stripNulls = false
-
-#idp.service.attribute.filter.resources = shibboleth.AttributeFilterResources
-# NOTE: Failing the filter fast leaves no filters enabled.
-#idp.service.attribute.filter.failFast = false
-idp.service.attribute.filter.checkInterval = PT15M
-#idp.service.attribute.filter.maskFailures = true
-
-#idp.service.nameidGeneration.resources = shibboleth.NameIdentifierGenerationResources
-#idp.service.nameidGeneration.failFast = false
-idp.service.nameidGeneration.checkInterval = PT15M
-
-#idp.service.access.resources = shibboleth.AccessControlResources
-#idp.service.access.failFast = true
-idp.service.access.checkInterval = PT5M
-
-#idp.service.cas.registry.resources = shibboleth.CASServiceRegistryResources
-#idp.service.cas.registry.failFast = false
-idp.service.cas.registry.checkInterval = PT15M
-
-#idp.service.managedBean.resources = shibboleth.ManagedBeanResources
-#idp.service.managedBean.failFast = false
-idp.service.managedBean.checkInterval = PT15M
-
-#idp.message.resources = shibboleth.MessageSourceResources
-#idp.message.cacheSeconds = 300
-
-# These settings impact the behavior of the internal HTTP Client used by default
-# with some internal components, but notably *not* for metadata acquisition.
-#idp.httpclient.useSecurityEnhancedTLSSocketFactory = false
-#idp.httpclient.connectionDisregardTLSCertificate = false
-#idp.httpclient.connectionRequestTimeout = PT1M
-#idp.httpclient.connectionTimeout = PT1M
-#idp.httpclient.socketTimeout = PT1M
-#idp.httpclient.maxConnectionsTotal = 100
-#idp.httpclient.maxConnectionsPerRoute = 100
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/services.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/services.xml
deleted file mode 100644
index 24e2b1e..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/conf/services.xml
+++ /dev/null
@@ -1,58 +0,0 @@
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:util="http://www.springframework.org/schema/util" xmlns:p="http://www.springframework.org/schema/p"
- xmlns:c="http://www.springframework.org/schema/c" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
- http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
-
- default-init-method="initialize"
- default-destroy-method="destroy">
-
- <!-- By default we look at resources whose names are derived from %{idp.home}. -->
-
- <util:list id="shibboleth.RelyingPartyResolverResources">
- <value>%{idp.home}/conf/relying-party.xml</value>
- <value>%{idp.home}/conf/credentials.xml</value>
- </util:list>
-
- <util:list id="shibboleth.MetadataResolverResources">
- <value>%{idp.home}/conf/metadata-providers.xml</value>
- </util:list>
-
- <util:list id ="shibboleth.AttributeResolverResources">
- <value>%{idp.home}/conf/attribute-resolver.xml</value>
- </util:list>
-
- <!--
- This is suitable for new installs but will usually produce duplicate Attribute
- output if a legacy resolver file is used that contains AttributeEncoders.
- -->
- <util:list id ="shibboleth.AttributeRegistryResources">
- <value>%{idp.home}/conf/attribute-registry.xml</value>
- <value>%{idp.home}/conf/attributes/default-rules.xml</value>
- <value>%{idp.home}/conf/attribute-resolver.xml</value>
- </util:list>
-
- <util:list id ="shibboleth.AttributeFilterResources">
- <value>%{idp.home}/conf/attribute-filter.xml</value>
- </util:list>
-
- <util:list id ="shibboleth.NameIdentifierGenerationResources">
- <value>%{idp.home}/conf/saml-nameid.xml</value>
- </util:list>
-
- <util:list id="shibboleth.AccessControlResources">
- <value>%{idp.home}/conf/access-control.xml</value>
- </util:list>
-
- <!--
- This collection of resources differs slightly in that it should not include the file extension.
- Message sources are internationalized, and Spring will search for a compatible language extension
- and fall back to one with only a .properties extension.
- -->
- <util:list id="shibboleth.MessageSourceResources">
- <value>%{idp.home}/messages/messages</value>
- </util:list>
-
-</beans>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/idp-backchannel.crt b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/idp-backchannel.crt
deleted file mode 100644
index 19044c9..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/idp-backchannel.crt
+++ /dev/null
@@ -1,25 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIELDCCApSgAwIBAgIVAKMEwvKmJlWLzwBBxhMJZ/zi+0nbMA0GCSqGSIb3DQEB
-CwUAMBsxGTAXBgNVBAMMEGlkcC51bmljb24ubG9jYWwwHhcNMjMxMTA2MTc0ODM0
-WhcNNDMxMTA2MTc0ODM0WjAbMRkwFwYDVQQDDBBpZHAudW5pY29uLmxvY2FsMIIB
-ojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAps8AP8KgLOtdERP1lLztwBT7
-tnmeBrQnWoX/MHs1K79HyzOpUw6j4Bm5MmJcTJxeK9kJiuLzHJ4G5kkMbmpMwhJj
-H21fBqibwraVMH+cBbD18QEqErE8mlJ+uN9AHYHaFV5O4ppaiesYSQnqvFjSILad
-5yJ3xNJwYfoeIc/E0alFuDVBvVhNqk32za6JJMiWLK08AJgUcGOtRU9q/Y7h2q73
-eygCtjDvFnCpPE/mGx5SwKu9N2+kotp0xkIiDliZ9wZFL6kTNkiQ94GJz6P+5j1v
-c3c3Sfth8+/f+S/idByzxTiX6gOf5b3nDT5mFgoLcOrilLfPEg/sDiv0jKjasNYR
-MlHe5a9xBe+gI3Y3M+0vppWfvJwh2l2fhoZqJC8zyTQz7TlEsC0hsOv70wgRAWmz
-OI4zDV4vL4/LrI2vPMt7uZFuC3DV0+XeUr5FZvFZKrsXCMB4cBkMEPCOYe31JT5y
-UxGtJEQOvl1ObKru4FNhrjcxXxCQMnA0oYnwUcHJAgMBAAGjZzBlMB0GA1UdDgQW
-BBS5vNUOpOMY7meBwaqoTN0wIq6myTBEBgNVHREEPTA7ghBpZHAudW5pY29uLmxv
-Y2FshidodHRwczovL2lkcC51bmljb24ubG9jYWwvaWRwL3NoaWJib2xldGgwDQYJ
-KoZIhvcNAQELBQADggGBADgeksdk7No8yusABD8DBxVOytOUg8ZHjjohbfUVJAet
-Y4HzX5/zJoU9EPeOOWHE6Zp1XkCk+ArYEJI53pj2+4S7fC6aw3n89wV2D0VLW/tb
-/MCAoc1Is/ALFw7PArHtozz2cWcd5B6DBJVBFvThQf/L39+vCTXt9+AgjpIt24BT
-zn8G5Nc3BHijW8pXfYreNHJYf6WuNZaay0374X14MwupMMPtCzliWlVORkjghZZB
-yNGf7S/GZ+AsCbv7PJEWvHekUfGccOGYBW3I9mU/ZAOiWZALQhqXO9nLCtuA/ues
-qhhg99IGrb+ZEjtdFKEnAS2XIcs0c37lfMSdiEOHa+Z0DlLK29OaikeSnLuRFP67
-xCeWT75C4XFYoFlpryC1bR694xDwuc865Z0uvMjtJ83AAenbg1bf9FX82CWYXDns
-jk7lubigoNxmFbllzDszYADlQt3v38rPucvbmWoayb88+Z614mNvIWTeWhAUEii4
-5hDBkVJuN/XCFdW+4Fq8nA==
------END CERTIFICATE-----
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/idp-backchannel.p12 b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/idp-backchannel.p12
deleted file mode 100644
index b639a42..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/idp-backchannel.p12 and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/net.shibboleth.idp.plugin.nashorn/truststore.asc b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/net.shibboleth.idp.plugin.nashorn/truststore.asc
deleted file mode 100644
index f5bc0f7..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/net.shibboleth.idp.plugin.nashorn/truststore.asc
+++ /dev/null
@@ -1,32 +0,0 @@
-
-
Rod Widdowson <rdw@steadingsoftware.com> id 2A4B3FF0
-
-----BEGIN PGP PUBLIC KEY BLOCK-----
-Version: BCPG v1.76.0
-
-mQINBF2CHx4BEADfUvo4sPc8a8uQjfvoHdBY0qmgwXlcAOyllBKZ5g/wYKZO1Lkp
-LZh/dQFBK4AjqRnzs0dq0arK0W5WijOYjQ+s5cd1MMXmzqgXG02eAS4ooK6KsSwv
-mo2FydddQKFbwLkGdS/UXcENWNnzGeJhmjmcPSLgRo2hsSh63cFltq2+8fwl1fQ9
-FzZwscOOkJGBb7/nqdHdnvL9yrRameYFo2iWF9P52cjfv5NiNklkDBUHeISuX48I
-pI+kSOz2b7/aP4vKOKOpOaas0MAdcYT8AcwrCD9OhFFzfuIs/S9+rHGs/+M0vcWG
-DPR+IY0L7Stgkc2Hz1gazuqHBiOBq5VnDOE9nkZ/mY/HwMJzYCtuwQSPyidY7sRk
-lrD5NzXVXGtUri/vghOgRcT3PG8P6zL3UrJi+XgwNSmNHfWQR+wt2Rs9SqrHav+g
-xqHHxCmcH/7HSZEAFi0ooxybOCLeKuAuu94TWi/KAF6/d9iNLekXpuodKl/ceO6d
-9h8791Rjh9a2BR6+VkIxf2zSzb0IPrmGfCjq5Jhc7m3AzAYNWJs0e/FK6G3FYfIS
-TYAGEUJgiWkm7zpV8eDiUo7Qjs9YTQPuuVjtdVCzt3BNm5NUKyrssDxYFs6ryFop
-FDoFewGPhFTnh8wTo0PUYpVj6ZUC8YniFE+XAOq8hufgbiqMcFn+2A/qMQARAQAB
-tChSb2QgV2lkZG93c29uIDxyZHdAc3RlYWRpbmdzb2Z0d2FyZS5jb20+iQJOBBMB
-CAA4FiEESvTYPu3fQ9o8BssxAUg/JipLP/AFAl2CHx4CGwMFCwkIBwIGFQoJCAsC
-BBYCAwECHgECF4AACgkQAUg/JipLP/Cr6hAA0RQyvAvWXnVNA+js6aNpqNO+rGyw
-sm+ajSuPNCyrkELlR08qpTxaezQ3soDJ9iWYgpPV767szs0yZmbnEEq1QAJXYsq6
-0pGVtuEtTmqRYcxuZwwqfkGJhs8p2C7/U5IcbvrvlUpHD6G4CEaH/CHthOpyVtBV
-7cHqt1l0+6+928UTdkZl3OPrbQloHHgHN14LPWY2MiGCDIbLx5wOrwrJ8hoiGeK3
-npfUZsrothsh/hClMWB4jf5sM/fltr/dT+Vi09JjE7/2wDTIq1R7UsAUte6sfhb/
-GLTVdQmG8jsWfMWP3rKDFBRiXHNzM/gNP2mHnXLO6UlSkV2JuJ9fgSKiBpXhtrI3
-7PTNnJdZz1Lm6rl1T9jgWdzRkl4x17bBzgU8GkTsRBS2vuRFDdsoywPJJgw7sdP3
-FTVBFfCGil9DAzKjGtbeIM2UBfx/7ltqVrHMR5pgto7aXpAt7N1X4ocTL/BSlZCk
-nFXnMIpW+Vsg6NDg5bRyC3adaReL3APnMkmBSSiqu4hFwrD6MVXcLN9tQ70sW3QT
-e1lOiUMeGQkVhiRWiZLeQd9jIeN1hoDGBnBYBgAeawGO5fGAJCTosXLP07C8lFLF
-5SYN8pBx0acuZMVwG0NKGcYyP/3Z+3j4kWIlpN+x455nQs/n/ZBGLlkVygtlXCC5
-YXIbnFuzOi3Lofg=
-=W9I3
------END PGP PUBLIC KEY BLOCK-----
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/net.shibboleth.idp.plugin.nashorn/truststore.asc.backup b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/net.shibboleth.idp.plugin.nashorn/truststore.asc.backup
deleted file mode 100644
index e69de29..0000000
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/net.shibboleth.idp.plugin.oidc.config/truststore.asc.backup b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/net.shibboleth.idp.plugin.oidc.config/truststore.asc.backup
deleted file mode 100644
index e69de29..0000000
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/net.shibboleth.idp.plugin.oidc.op/truststore.asc.backup b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/net.shibboleth.idp.plugin.oidc.op/truststore.asc.backup
deleted file mode 100644
index e69de29..0000000
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/net.shibboleth.oidc.common/truststore.asc.backup b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/net.shibboleth.oidc.common/truststore.asc.backup
deleted file mode 100644
index e69de29..0000000
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/ant-1.10.14.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/ant-1.10.14.jar
deleted file mode 100644
index d175341..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/ant-1.10.14.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/ant-launcher-1.10.14.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/ant-launcher-1.10.14.jar
deleted file mode 100644
index 54c10ad..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/ant-launcher-1.10.14.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/bcpg-jdk18on-1.76.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/bcpg-jdk18on-1.76.jar
deleted file mode 100644
index f478624..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/bcpg-jdk18on-1.76.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/commons-compress-1.23.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/commons-compress-1.23.0.jar
deleted file mode 100644
index 38e5505..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/commons-compress-1.23.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/idp-cli-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/idp-cli-5.0.0.jar
deleted file mode 100644
index 5c25632..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/idp-cli-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/idp-installer-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/idp-installer-5.0.0.jar
deleted file mode 100644
index 1a901cf..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/idp-installer-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/jcommander-1.81.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/jcommander-1.81.jar
deleted file mode 100644
index 699c543..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/jcommander-1.81.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/shib-cli-9.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/shib-cli-9.0.0.jar
deleted file mode 100644
index e0c2f2a..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/binlib/shib-cli-9.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/idp.installed.version b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/idp.installed.version
deleted file mode 100644
index 3ccd980..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/idp.installed.version
+++ /dev/null
@@ -1,4 +0,0 @@
-#Version file written at 2023-11-06T17:48:23.270808669Z
-#Mon Nov 06 17:48:23 UTC 2023
-idp.installed.version=5.0.0
-idp.previous.installed.version=
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-contents/net.shibboleth.idp.plugin.nashorn b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-contents/net.shibboleth.idp.plugin.nashorn
deleted file mode 100644
index ce35636..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-contents/net.shibboleth.idp.plugin.nashorn
+++ /dev/null
@@ -1,12 +0,0 @@
-#Files Copied 2023-11-08T14:10:20.094540150Z
-#Wed Nov 08 14:10:20 UTC 2023
-idp.plugin.file.1=dist/plugin-webapp/WEB-INF/lib/asm-util-7.3.1.jar
-idp.plugin.version=2.0.0
-idp.plugin.file.2=dist/plugin-webapp/WEB-INF/lib/asm-analysis-7.3.1.jar
-idp.plugin.file.3=dist/plugin-webapp/WEB-INF/lib/asm-commons-7.3.1.jar
-idp.plugin.relativePaths=true
-idp.plugin.file.4=dist/plugin-webapp/WEB-INF/lib/idp-plugin-nashorn-jdk-impl-2.0.0.jar
-idp.plugin.file.5=dist/plugin-webapp/WEB-INF/lib/asm-7.3.1.jar
-idp.plugin.file.6=dist/plugin-webapp/WEB-INF/lib/nashorn-core-15.4.jar
-idp.plugin.file.7=dist/plugin-webapp/WEB-INF/lib/idp-plugin-scripting-api-2.0.0.jar
-idp.plugin.file.8=dist/plugin-webapp/WEB-INF/lib/asm-tree-7.3.1.jar
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-contents/net.shibboleth.idp.plugin.oidc.config b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-contents/net.shibboleth.idp.plugin.oidc.config
deleted file mode 100644
index 6c18d98..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-contents/net.shibboleth.idp.plugin.oidc.config
+++ /dev/null
@@ -1,5 +0,0 @@
-#Files Copied 2023-11-06T17:58:18.554634463Z
-#Mon Nov 06 17:58:18 UTC 2023
-idp.plugin.file.1=dist/plugin-webapp/WEB-INF/lib/idp-plugin-oidc-config-impl-2.0.0.jar
-idp.plugin.version=2.0.0
-idp.plugin.relativePaths=true
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-contents/net.shibboleth.idp.plugin.oidc.op b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-contents/net.shibboleth.idp.plugin.oidc.op
deleted file mode 100644
index ca5c5e8..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-contents/net.shibboleth.idp.plugin.oidc.op
+++ /dev/null
@@ -1,6 +0,0 @@
-#Files Copied 2023-11-06T18:03:52.222771240Z
-#Mon Nov 06 18:03:52 UTC 2023
-idp.plugin.file.1=dist/plugin-webapp/WEB-INF/lib/idp-plugin-oidc-op-api-4.0.0.jar
-idp.plugin.version=4.0.0
-idp.plugin.file.2=dist/plugin-webapp/WEB-INF/lib/idp-plugin-oidc-op-impl-4.0.0.jar
-idp.plugin.relativePaths=true
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-contents/net.shibboleth.oidc.common b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-contents/net.shibboleth.oidc.common
deleted file mode 100644
index b4a2c12..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-contents/net.shibboleth.oidc.common
+++ /dev/null
@@ -1,21 +0,0 @@
-#Files Copied 2023-11-06T17:57:25.550970856Z
-#Mon Nov 06 17:57:25 UTC 2023
-idp.plugin.file.11=dist/plugin-webapp/WEB-INF/lib/oidc-common-profile-impl-3.0.0.jar
-idp.plugin.file.12=dist/plugin-webapp/WEB-INF/lib/oidc-common-profile-api-3.0.0.jar
-idp.plugin.file.13=dist/plugin-webapp/WEB-INF/lib/oidc-common-attribute-impl-3.0.0.jar
-idp.plugin.file.14=dist/plugin-webapp/WEB-INF/lib/oidc-common-crypto-api-3.0.0.jar
-idp.plugin.file.15=dist/plugin-webapp/WEB-INF/lib/json-smart-2.4.8.jar
-idp.plugin.file.16=dist/plugin-webapp/WEB-INF/lib/oidc-common-saml-api-3.0.0.jar
-idp.plugin.file.17=dist/plugin-webapp/WEB-INF/lib/lang-tag-1.7.jar
-idp.plugin.file.1=dist/plugin-webapp/WEB-INF/lib/oidc-common-crypto-impl-3.0.0.jar
-idp.plugin.version=3.0.0
-idp.plugin.file.2=dist/plugin-webapp/WEB-INF/lib/accessors-smart-1.2.jar
-idp.plugin.file.3=dist/plugin-webapp/WEB-INF/lib/oidc-common-metadata-api-3.0.0.jar
-idp.plugin.relativePaths=true
-idp.plugin.file.4=dist/plugin-webapp/WEB-INF/lib/oidc-common-metadata-impl-3.0.0.jar
-idp.plugin.file.5=dist/plugin-webapp/WEB-INF/lib/nimbus-jose-jwt-9.29.jar
-idp.plugin.file.6=dist/plugin-webapp/WEB-INF/lib/oauth2-oidc-sdk-10.5.1.jar
-idp.plugin.file.7=dist/plugin-webapp/WEB-INF/lib/oidc-common-attribute-api-3.0.0.jar
-idp.plugin.file.10=dist/plugin-webapp/WEB-INF/lib/oidc-common-plugin-3.0.0.jar
-idp.plugin.file.8=dist/plugin-webapp/WEB-INF/lib/content-type-2.2.jar
-idp.plugin.file.9=dist/plugin-webapp/WEB-INF/lib/oidc-common-saml-impl-3.0.0.jar
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/accessors-smart-1.2.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/accessors-smart-1.2.jar
deleted file mode 100644
index f4505e9..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/accessors-smart-1.2.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/asm-7.3.1.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/asm-7.3.1.jar
deleted file mode 100644
index 8a50266..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/asm-7.3.1.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/asm-analysis-7.3.1.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/asm-analysis-7.3.1.jar
deleted file mode 100644
index 1f83a5e..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/asm-analysis-7.3.1.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/asm-commons-7.3.1.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/asm-commons-7.3.1.jar
deleted file mode 100644
index 65fb30e..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/asm-commons-7.3.1.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/asm-tree-7.3.1.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/asm-tree-7.3.1.jar
deleted file mode 100644
index 28858f4..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/asm-tree-7.3.1.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/asm-util-7.3.1.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/asm-util-7.3.1.jar
deleted file mode 100644
index 4fe6c52..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/asm-util-7.3.1.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/content-type-2.2.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/content-type-2.2.jar
deleted file mode 100644
index 40463fc..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/content-type-2.2.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/idp-plugin-nashorn-jdk-impl-2.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/idp-plugin-nashorn-jdk-impl-2.0.0.jar
deleted file mode 100644
index fa7afa7..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/idp-plugin-nashorn-jdk-impl-2.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/idp-plugin-oidc-config-impl-2.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/idp-plugin-oidc-config-impl-2.0.0.jar
deleted file mode 100644
index 3f0389a..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/idp-plugin-oidc-config-impl-2.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/idp-plugin-oidc-op-api-4.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/idp-plugin-oidc-op-api-4.0.0.jar
deleted file mode 100644
index b98ae9b..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/idp-plugin-oidc-op-api-4.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/idp-plugin-oidc-op-impl-4.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/idp-plugin-oidc-op-impl-4.0.0.jar
deleted file mode 100644
index 33ccb2d..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/idp-plugin-oidc-op-impl-4.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/idp-plugin-scripting-api-2.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/idp-plugin-scripting-api-2.0.0.jar
deleted file mode 100644
index 43527d0..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/idp-plugin-scripting-api-2.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/json-smart-2.4.8.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/json-smart-2.4.8.jar
deleted file mode 100644
index 213ffe0..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/json-smart-2.4.8.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/lang-tag-1.7.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/lang-tag-1.7.jar
deleted file mode 100644
index c089707..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/lang-tag-1.7.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/nashorn-core-15.4.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/nashorn-core-15.4.jar
deleted file mode 100644
index b472660..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/nashorn-core-15.4.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/nimbus-jose-jwt-9.29.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/nimbus-jose-jwt-9.29.jar
deleted file mode 100644
index 5f801ca..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/nimbus-jose-jwt-9.29.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oauth2-oidc-sdk-10.5.1.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oauth2-oidc-sdk-10.5.1.jar
deleted file mode 100644
index 949d0a0..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oauth2-oidc-sdk-10.5.1.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-attribute-api-3.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-attribute-api-3.0.0.jar
deleted file mode 100644
index fca1d1e..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-attribute-api-3.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-attribute-impl-3.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-attribute-impl-3.0.0.jar
deleted file mode 100644
index e53395e..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-attribute-impl-3.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-crypto-api-3.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-crypto-api-3.0.0.jar
deleted file mode 100644
index 95d122b..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-crypto-api-3.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-crypto-impl-3.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-crypto-impl-3.0.0.jar
deleted file mode 100644
index e610ff5..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-crypto-impl-3.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-metadata-api-3.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-metadata-api-3.0.0.jar
deleted file mode 100644
index 10ec24d..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-metadata-api-3.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-metadata-impl-3.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-metadata-impl-3.0.0.jar
deleted file mode 100644
index 38d1716..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-metadata-impl-3.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-plugin-3.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-plugin-3.0.0.jar
deleted file mode 100644
index 0aa4465..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-plugin-3.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-profile-api-3.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-profile-api-3.0.0.jar
deleted file mode 100644
index 4de6fa7..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-profile-api-3.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-profile-impl-3.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-profile-impl-3.0.0.jar
deleted file mode 100644
index cb03d54..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-profile-impl-3.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-saml-api-3.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-saml-api-3.0.0.jar
deleted file mode 100644
index f57dcdc..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-saml-api-3.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-saml-impl-3.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-saml-impl-3.0.0.jar
deleted file mode 100644
index 087db21..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/plugin-webapp/WEB-INF/lib/oidc-common-saml-impl-3.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/META-INF/MANIFEST.MF b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/META-INF/MANIFEST.MF
deleted file mode 100644
index 5205f28..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/META-INF/MANIFEST.MF
+++ /dev/null
@@ -1,4 +0,0 @@
-Manifest-Version: 1.0
-Created-By: Maven WAR Plugin 3.3.2
-Build-Jdk-Spec: 17
-
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/idpui.tld b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/idpui.tld
deleted file mode 100644
index 0193edb..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/idpui.tld
+++ /dev/null
@@ -1,257 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<taglib xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd"
- version="2.0">
-
- <tlib-version>1.0</tlib-version>
- <short-name>idpui</short-name>
- <uri>urn:mace:shibboleth:2.0:idp:ui</uri>
-
- <tag>
- <description>Service Name - some user friendly description about the relying party</description>
- <name>serviceName</name>
- <tag-class>net.shibboleth.idp.ui.taglib.ServiceNameTag</tag-class>
- <body-content>empty</body-content>
- <attribute>
- <name>defaultValue</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>uiContext</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- <type>net.shibboleth.idp.ui.context.RelyingPartyUIContext</type>
- </attribute>
- </tag>
-
- <tag>
- <description>Service Description - taken from the mdui statement</description>
- <name>serviceDescription</name>
- <tag-class>net.shibboleth.idp.ui.taglib.ServiceDescriptionTag</tag-class>
- <body-content>scriptless</body-content>
- <attribute>
- <name>uiContext</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- <type>net.shibboleth.idp.ui.context.RelyingPartyUIContext</type>
- </attribute>
- </tag>
-
- <tag>
- <description>Service Contact - information about the contact at the SP</description>
- <name>serviceContact</name>
- <tag-class>net.shibboleth.idp.ui.taglib.ServiceContactTag</tag-class>
- <body-content>scriptless</body-content>
- <attribute>
- <name>contactType</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>name</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>cssId</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>cssClass</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>cssStyle</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>uiContext</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- <type>net.shibboleth.idp.ui.context.RelyingPartyUIContext</type>
- </attribute>
- </tag>
-
- <tag>
- <description>Service Privacy URL - directly from the metadata if present</description>
- <name>servicePrivacyURL</name>
- <tag-class>net.shibboleth.idp.ui.taglib.ServicePrivacyURLTag</tag-class>
- <body-content>scriptless</body-content>
- <attribute>
- <name>linkText</name>
- <required>true</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>cssId</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>cssClass</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>cssStyle</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>uiContext</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- <type>net.shibboleth.idp.ui.context.RelyingPartyUIContext</type>
- </attribute>
- </tag>
-
- <tag>
- <description>Service Information URL - directly from the metadata if present</description>
- <name>serviceInformationURL</name>
- <tag-class>net.shibboleth.idp.ui.taglib.ServiceInformationURLTag</tag-class>
- <body-content>scriptless</body-content>
- <attribute>
- <name>linkText</name>
- <required>true</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>cssId</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>cssClass</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>cssStyle</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>uiContext</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- <type>net.shibboleth.idp.ui.context.RelyingPartyUIContext</type>
- </attribute>
- </tag>
-
- <tag>
- <description>Logo for the SP</description>
- <name>serviceLogo</name>
- <tag-class>net.shibboleth.idp.ui.taglib.ServiceLogoTag</tag-class>
- <body-content>scriptless</body-content>
- <attribute>
- <name>alt</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>minHeight</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>maxHeight</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>minWidth</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>maxWidth</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>cssId</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>cssClass</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>cssStyle</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>uiContext</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- <type>net.shibboleth.idp.ui.context.RelyingPartyUIContext</type>
- </attribute>
- </tag>
-
- <tag>
- <description>Service Organization Name - directly from the metadata if present</description>
- <name>organizationName</name>
- <tag-class>net.shibboleth.idp.ui.taglib.OrganizationNameTag</tag-class>
- <body-content>scriptless</body-content>
- <attribute>
- <name>uiContext</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- <type>net.shibboleth.idp.ui.context.RelyingPartyUIContext</type>
- </attribute>
- </tag>
-
- <tag>
- <description>Service Organization Display Name - directly from the metadata if present</description>
- <name>organizationDisplayName</name>
- <tag-class>net.shibboleth.idp.ui.taglib.OrganizationDisplayNameTag</tag-class>
- <body-content>scriptless</body-content>
- <attribute>
- <name>uiContext</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- <type>net.shibboleth.idp.ui.context.RelyingPartyUIContext</type>
- </attribute>
- </tag>
-
- <tag>
- <description>Service Organization URL - directly from the metadata if present</description>
- <name>organizationURL</name>
- <tag-class>net.shibboleth.idp.ui.taglib.OrganizationURLTag</tag-class>
- <body-content>scriptless</body-content>
- <attribute>
- <name>linkText</name>
- <required>true</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>cssId</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>cssClass</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>cssStyle</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <name>uiContext</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- <type>net.shibboleth.idp.ui.context.RelyingPartyUIContext</type>
- </attribute>
- </tag>
-
-</taglib>
\ No newline at end of file
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/jsp/metadata.jsp b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/jsp/metadata.jsp
deleted file mode 100644
index b7ab312..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/jsp/metadata.jsp
+++ /dev/null
@@ -1,41 +0,0 @@
-<%
-final org.springframework.web.context.WebApplicationContext springContext =
- org.springframework.web.context.support.WebApplicationContextUtils.getRequiredWebApplicationContext(request.getServletContext());
-
-String path = springContext.getEnvironment().getProperty("idp.entityID.metadataFile");
-if (path != null) {
- path = springContext.getEnvironment().resolvePlaceholders(path.replace("%{", "${"));
-} else {
- path = springContext.getEnvironment().getProperty("idp.home") + "/metadata/idp-metadata.xml";
-}
-
-if (path.isEmpty()) {
- response.sendError(404);
-} else {
- final String acceptHeader = request.getHeader("Accept");
- if (acceptHeader != null && !acceptHeader.contains("application/samlmetadata+xml")) {
- response.setContentType("application/xml");
- } else {
- response.setContentType("application/samlmetadata+xml");
- }
-
- java.io.InputStreamReader in = null;
- try {
- in = new java.io.InputStreamReader(new java.io.FileInputStream(path),"UTF8");
- int i;
- while ((i = in.read()) != -1) {
- out.write(i);
- }
- } catch (final java.io.IOException e) {
- out.println(e.getMessage());
- return;
- } finally {
- if (null != in) {
- try {
- in.close();
- } catch (java.io.IOException e) {
- }
- }
- }
-}
-%>
\ No newline at end of file
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/jsp/status.jsp b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/jsp/status.jsp
deleted file mode 100644
index 69f1992..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/jsp/status.jsp
+++ /dev/null
@@ -1,161 +0,0 @@
-<%@ page language="java" contentType="text/plain; charset=UTF-8" pageEncoding="UTF-8"%>
-<%@ page trimDirectiveWhitespaces="true" %>
-<%@ page import="java.util.ArrayList" %>
-<%@ page import="java.util.Map" %>
-<%@ page import="java.util.Set" %>
-<%@ page import="java.util.Map.Entry" %>
-<%@ page import="java.util.Collection" %>
-<%@ page import="java.util.Collections" %>
-<%@ page import="java.util.Optional" %>
-<%@ page import="java.util.ServiceLoader" %>
-<%@ page import="java.util.ServiceLoader.Provider" %>
-<%@ page import="java.time.Duration" %>
-<%@ page import="java.time.Instant" %>
-<%@ page import="java.time.format.DateTimeFormatter" %>
-<%@ page import="org.springframework.core.env.Environment" %>
-<%@ page import="org.springframework.webflow.execution.RequestContext" %>
-<%@ page import="net.shibboleth.idp.Version" %>
-<%@ page import="com.codahale.metrics.MetricSet" %>
-<%@ page import="com.codahale.metrics.Gauge" %>
-<%@ page import="net.shibboleth.idp.module.IdPModule" %>
-<%@ page import="net.shibboleth.idp.plugin.IdPPlugin" %>
-<%@ page import="net.shibboleth.profile.module.ModuleContext" %>
-<%@ page import="net.shibboleth.shared.component.IdentifiedComponent" %>
-<%@ page import="net.shibboleth.shared.service.ReloadableService" %>
-<%
-final RequestContext requestContext = (RequestContext) request.getAttribute("flowRequestContext");
-final DateTimeFormatter dateTimeFormatter = DateTimeFormatter.ISO_INSTANT;
-final Instant now = Instant.now();
-final Instant startupTime = Instant.ofEpochMilli(requestContext.getActiveFlow().getApplicationContext().getParent().getStartupDate());
-%>### Operating Environment Information
-operating_system: <%= System.getProperty("os.name") %>
-operating_system_version: <%= System.getProperty("os.version") %>
-operating_system_architecture: <%= System.getProperty("os.arch") %>
-jdk_version: <%= System.getProperty("java.version") %>
-available_cores: <%= Runtime.getRuntime().availableProcessors() %>
-used_memory: <%= (Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory()) / 1048576 %> MB
-maximum_memory: <%= Runtime.getRuntime().maxMemory() / 1048576 %> MB
-
-### Identity Provider Information
-idp_version: <%= Version.getVersion() %>
-start_time: <%= dateTimeFormatter.format(startupTime) %>
-current_time: <%= dateTimeFormatter.format(now) %>
-uptime: <%= Duration.ofMillis(now.toEpochMilli() - startupTime.toEpochMilli()).toString() %>
-
-<%
-out.println();
-out.println();
-out.println("enabled modules: ");
-final ModuleContext moduleContext =
- new ModuleContext(((Environment) request.getAttribute("environment")).getProperty("idp.home"));
-for (final IdPModule module : ServiceLoader.load(IdPModule.class)) {
- if (module.isEnabled(moduleContext)) {
- out.println("\t" + module.getId() + " (" + module.getName(moduleContext) + ")");
- }
-}
-out.println();
-
-out.println("installed plugins: ");
-for (final IdPPlugin plugin : ServiceLoader.load(IdPPlugin.class)) {
- out.println("\t" + plugin.getPluginId() + " Version " + plugin.getMajorVersion() + "." + plugin.getMinorVersion() + "." + plugin.getPatchVersion());
-}
-out.println();
-
-
-for (final ReloadableService service : (Collection<ReloadableService>) request.getAttribute("services")) {
- final Instant successfulReload = service.getLastSuccessfulReloadInstant();
- final Instant lastReload = service.getLastReloadAttemptInstant();
- final Throwable cause = service.getReloadFailureCause();
-
- out.println("service: " + ((IdentifiedComponent) service).getId());
- if (successfulReload != null) {
- out.println("last successful reload attempt: " + dateTimeFormatter.format(successfulReload));
- }
- if (lastReload != null) {
- out.println("last reload attempt: " + dateTimeFormatter.format(lastReload));
- }
- if (cause != null) {
- out.println("last failure cause: " + cause.getClass().getName() + ": " + cause.getMessage());
- }
-
- out.println();
-
- if (((IdentifiedComponent) service).getId().contains("Metadata")) {
-
- final MetricSet metrics = (MetricSet) request.getAttribute("metadataResolverGaugeSet");
- if (metrics == null || metrics.getMetrics().get("net.shibboleth.idp.metadata.refresh") == null) {
- out.println("No Metadata Resolver Gauge Set Found");
- continue;
- }
- final Gauge<Map<String,Instant>> refreshes = (Gauge<Map<String,Instant>>) metrics.getMetrics().get("net.shibboleth.idp.metadata.refresh");
- final Gauge<Map<String,Instant>> updates = (Gauge<Map<String,Instant>>) metrics.getMetrics().get("net.shibboleth.idp.metadata.update");
- final Gauge<Map<String,Instant>> successes = (Gauge<Map<String,Instant>>) metrics.getMetrics().get("net.shibboleth.idp.metadata.successfulRefresh");
- final Gauge<Map<String,Instant>> rootValids = (Gauge<Map<String,Instant>>) metrics.getMetrics().get("net.shibboleth.idp.metadata.rootValidUntil");
- final Gauge<Map<String,String>> errors = (Gauge<Map<String,String>>) metrics.getMetrics().get("net.shibboleth.idp.metadata.error");
-
- Set<Entry<String, Instant>> entrySet = refreshes.getValue().entrySet();
- if (entrySet.isEmpty()) {
- out.println("\tNo Metadata Resolver has ever attempted a reload");
- out.println();
- continue;
- }
- for (final Entry<String, Instant> mr : entrySet) {
- final String resolverId = mr.getKey();
- final Instant lastRefresh = mr.getValue();
- final Instant lastUpdate = updates == null ? null : updates.getValue().get(resolverId);
- final Instant lastSuccessfulRefresh = successes == null ? null : successes.getValue().get(resolverId);
- final Instant rootValidUntil = rootValids == null ? null : rootValids.getValue().get(resolverId);
- final String lastError = errors == null ? null : errors.getValue().get(resolverId);
-
- out.println("\tmetadata source: " + resolverId);
- if (lastRefresh != null) {
- out.println("\tlast refresh attempt: " + dateTimeFormatter.format(lastRefresh));
- }
- if (lastSuccessfulRefresh != null) {
- out.println("\tlast successful refresh: " + dateTimeFormatter.format(lastSuccessfulRefresh));
- }
- if (lastUpdate != null) {
- out.println("\tlast update: " + dateTimeFormatter.format(lastUpdate));
- }
- if (lastError != null) {
- out.println("\tlast error: " + lastError);
- }
- if (rootValidUntil != null) {
- out.println("\troot validUntil: " + dateTimeFormatter.format(rootValidUntil));
- }
- out.println();
- }
- } else if (((IdentifiedComponent) service).getId().contains("AttributeResolver")) {
-
- final MetricSet metrics = (MetricSet) request.getAttribute("attributeResolverGaugeSet");
- if (metrics == null || metrics.getMetrics().get("net.shibboleth.idp.attribute.resolver.failure") == null) {
- out.println("No Attribute Resolver Gauge Set Found");
- continue;
- }
- final Gauge<Map<String,Instant>> failGauge =
- (Gauge<Map<String,Instant>>) metrics.getMetrics().get("net.shibboleth.idp.attribute.resolver.failure");
- final Set<Entry<String,Instant>> failSet = failGauge.getValue().entrySet();
- if (failSet.isEmpty()) {
- out.println("\tNo Data Connector has ever failed");
- out.println();
- continue;
- }
- final Gauge<Map<String,Instant>> successGauge =
- (Gauge<Map<String,Instant>>) metrics.getMetrics().get("net.shibboleth.idp.attribute.resolver.success");
- final Map<String,Instant> successMap = successGauge.getValue();
- final ArrayList<String> failingConnectors = new ArrayList<>();
- for (final Entry<String, Instant> en : failSet) {
- final String connectorId = en.getKey();
- final Instant lastFail = en.getValue();
- out.println("\tDataConnector " + connectorId + ": last failed at " + dateTimeFormatter.format(lastFail));
- out.println();
- final Instant lastSuccess = successMap.get(connectorId);
- if (lastSuccess == null || lastSuccess.isBefore(lastFail)) {
- failingConnectors.add(connectorId);
- }
- }
- out.println("\tCurrently failing: " + failingConnectors);
- out.println();
- }
-}
-%>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/annotations-17.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/annotations-17.0.0.jar
deleted file mode 100644
index 477f7d0..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/annotations-17.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/bcpkix-jdk18on-1.76.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/bcpkix-jdk18on-1.76.jar
deleted file mode 100644
index 16c2f0b..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/bcpkix-jdk18on-1.76.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/bcprov-jdk18on-1.76.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/bcprov-jdk18on-1.76.jar
deleted file mode 100644
index c0c8994..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/bcprov-jdk18on-1.76.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/bcutil-jdk18on-1.76.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/bcutil-jdk18on-1.76.jar
deleted file mode 100644
index 2c2ab91..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/bcutil-jdk18on-1.76.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/checker-qual-3.33.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/checker-qual-3.33.0.jar
deleted file mode 100644
index 61761fd..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/checker-qual-3.33.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/commons-codec-1.16.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/commons-codec-1.16.0.jar
deleted file mode 100644
index 854fc7e..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/commons-codec-1.16.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/commons-compiler-3.1.10.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/commons-compiler-3.1.10.jar
deleted file mode 100644
index 0f6dfe2..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/commons-compiler-3.1.10.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/commons-dbcp2-2.9.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/commons-dbcp2-2.9.0.jar
deleted file mode 100644
index ddfd42c..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/commons-dbcp2-2.9.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/commons-lang3-3.13.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/commons-lang3-3.13.0.jar
deleted file mode 100644
index 891540f..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/commons-lang3-3.13.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/commons-pool2-2.10.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/commons-pool2-2.10.0.jar
deleted file mode 100644
index 4f8e0df..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/commons-pool2-2.10.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/cryptacular-1.2.6.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/cryptacular-1.2.6.jar
deleted file mode 100644
index 2a30d70..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/cryptacular-1.2.6.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/error_prone_annotations-2.18.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/error_prone_annotations-2.18.0.jar
deleted file mode 100644
index e072fe0..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/error_prone_annotations-2.18.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/failureaccess-1.0.1.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/failureaccess-1.0.1.jar
deleted file mode 100644
index 9b56dc7..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/failureaccess-1.0.1.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/guava-32.1.2-jre.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/guava-32.1.2-jre.jar
deleted file mode 100644
index e71fd46..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/guava-32.1.2-jre.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/httpclient5-5.2.1.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/httpclient5-5.2.1.jar
deleted file mode 100644
index b9cdadc..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/httpclient5-5.2.1.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/httpclient5-cache-5.2.1.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/httpclient5-cache-5.2.1.jar
deleted file mode 100644
index b5421d0..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/httpclient5-cache-5.2.1.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/httpcore5-5.2.2.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/httpcore5-5.2.2.jar
deleted file mode 100644
index d6582fa..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/httpcore5-5.2.2.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/httpcore5-h2-5.2.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/httpcore5-h2-5.2.jar
deleted file mode 100644
index eada8eb..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/httpcore5-h2-5.2.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-admin-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-admin-api-5.0.0.jar
deleted file mode 100644
index 3405153..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-admin-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-admin-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-admin-impl-5.0.0.jar
deleted file mode 100644
index c47674f..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-admin-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-authn-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-authn-api-5.0.0.jar
deleted file mode 100644
index b30f214..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-authn-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-authn-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-authn-impl-5.0.0.jar
deleted file mode 100644
index aa89042..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-authn-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-cas-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-cas-api-5.0.0.jar
deleted file mode 100644
index dfd1bd1..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-cas-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-cas-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-cas-impl-5.0.0.jar
deleted file mode 100644
index 4c2451a..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-cas-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-conf-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-conf-impl-5.0.0.jar
deleted file mode 100644
index be2fd09..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-conf-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-consent-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-consent-api-5.0.0.jar
deleted file mode 100644
index 2270219..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-consent-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-consent-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-consent-impl-5.0.0.jar
deleted file mode 100644
index f4f52f6..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-consent-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-core-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-core-5.0.0.jar
deleted file mode 100644
index 652270e..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-core-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-profile-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-profile-api-5.0.0.jar
deleted file mode 100644
index a32cc4e..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-profile-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-profile-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-profile-impl-5.0.0.jar
deleted file mode 100644
index 97c2d60..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-profile-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-saml-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-saml-api-5.0.0.jar
deleted file mode 100644
index 6483d10..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-saml-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-saml-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-saml-impl-5.0.0.jar
deleted file mode 100644
index fa2bbf9..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-saml-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-schema-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-schema-5.0.0.jar
deleted file mode 100644
index 1980fae..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-schema-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-session-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-session-api-5.0.0.jar
deleted file mode 100644
index 0d9bcc7..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-session-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-session-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-session-impl-5.0.0.jar
deleted file mode 100644
index a59113a..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-session-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-spring-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-spring-5.0.0.jar
deleted file mode 100644
index 7fa620b..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-spring-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-ui-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-ui-5.0.0.jar
deleted file mode 100644
index 18c9535..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/idp-ui-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/j2objc-annotations-2.8.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/j2objc-annotations-2.8.jar
deleted file mode 100644
index 3595c4f..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/j2objc-annotations-2.8.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jackson-annotations-2.15.2.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jackson-annotations-2.15.2.jar
deleted file mode 100644
index f8799c3..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jackson-annotations-2.15.2.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jackson-core-2.15.2.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jackson-core-2.15.2.jar
deleted file mode 100644
index a0e7486..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jackson-core-2.15.2.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jackson-databind-2.15.2.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jackson-databind-2.15.2.jar
deleted file mode 100644
index 86f9a86..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jackson-databind-2.15.2.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jackson-datatype-jsr310-2.15.2.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jackson-datatype-jsr310-2.15.2.jar
deleted file mode 100644
index 8fa20e9..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jackson-datatype-jsr310-2.15.2.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jakarta.activation-2.0.1.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jakarta.activation-2.0.1.jar
deleted file mode 100644
index 521c7c4..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jakarta.activation-2.0.1.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jakarta.json-2.0.1.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jakarta.json-2.0.1.jar
deleted file mode 100644
index e6d094a..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jakarta.json-2.0.1.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jakarta.mail-2.0.1.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jakarta.mail-2.0.1.jar
deleted file mode 100644
index 17e07cc..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jakarta.mail-2.0.1.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/janino-3.1.10.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/janino-3.1.10.jar
deleted file mode 100644
index a876fbd..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/janino-3.1.10.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jsonapi-converter-0.13.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jsonapi-converter-0.13.jar
deleted file mode 100644
index 36fbfb4..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jsonapi-converter-0.13.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jsr305-3.0.2.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jsr305-3.0.2.jar
deleted file mode 100644
index 59222d9..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jsr305-3.0.2.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jul-to-slf4j-2.0.7.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jul-to-slf4j-2.0.7.jar
deleted file mode 100644
index 11ed9ff..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/jul-to-slf4j-2.0.7.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/ldaptive-2.2.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/ldaptive-2.2.0.jar
deleted file mode 100644
index fafab70..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/ldaptive-2.2.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar
deleted file mode 100644
index 45832c0..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/log4j-over-slf4j-2.0.7.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/log4j-over-slf4j-2.0.7.jar
deleted file mode 100644
index 894ad61..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/log4j-over-slf4j-2.0.7.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/logback-classic-1.4.11.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/logback-classic-1.4.11.jar
deleted file mode 100644
index c6a0353..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/logback-classic-1.4.11.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/logback-core-1.4.11.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/logback-core-1.4.11.jar
deleted file mode 100644
index fa630c9..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/logback-core-1.4.11.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/metrics-core-4.2.19.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/metrics-core-4.2.19.jar
deleted file mode 100644
index e424746..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/metrics-core-4.2.19.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/metrics-json-4.2.19.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/metrics-json-4.2.19.jar
deleted file mode 100644
index 6621aeb..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/metrics-json-4.2.19.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/metrics-jvm-4.2.19.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/metrics-jvm-4.2.19.jar
deleted file mode 100644
index 2b1538e..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/metrics-jvm-4.2.19.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/micrometer-commons-1.10.9.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/micrometer-commons-1.10.9.jar
deleted file mode 100644
index 5aab282..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/micrometer-commons-1.10.9.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/micrometer-observation-1.10.9.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/micrometer-observation-1.10.9.jar
deleted file mode 100644
index c1765b0..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/micrometer-observation-1.10.9.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-buffer-4.1.96.Final.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-buffer-4.1.96.Final.jar
deleted file mode 100644
index 354486b..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-buffer-4.1.96.Final.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-codec-4.1.96.Final.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-codec-4.1.96.Final.jar
deleted file mode 100644
index 7101971..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-codec-4.1.96.Final.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-common-4.1.96.Final.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-common-4.1.96.Final.jar
deleted file mode 100644
index c9eff76..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-common-4.1.96.Final.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-handler-4.1.96.Final.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-handler-4.1.96.Final.jar
deleted file mode 100644
index ec36faa..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-handler-4.1.96.Final.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-resolver-4.1.96.Final.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-resolver-4.1.96.Final.jar
deleted file mode 100644
index 29e08ed..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-resolver-4.1.96.Final.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-4.1.96.Final.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-4.1.96.Final.jar
deleted file mode 100644
index ddf8deb..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-4.1.96.Final.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-classes-epoll-4.1.96.Final.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-classes-epoll-4.1.96.Final.jar
deleted file mode 100644
index dad7911..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-classes-epoll-4.1.96.Final.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-classes-kqueue-4.1.96.Final.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-classes-kqueue-4.1.96.Final.jar
deleted file mode 100644
index a5f6a8e..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-classes-kqueue-4.1.96.Final.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-native-epoll-4.1.96.Final-linux-aarch_64.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-native-epoll-4.1.96.Final-linux-aarch_64.jar
deleted file mode 100644
index b631cce..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-native-epoll-4.1.96.Final-linux-aarch_64.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-native-epoll-4.1.96.Final-linux-x86_64.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-native-epoll-4.1.96.Final-linux-x86_64.jar
deleted file mode 100644
index 1252ab3..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-native-epoll-4.1.96.Final-linux-x86_64.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-native-kqueue-4.1.96.Final-osx-aarch_64.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-native-kqueue-4.1.96.Final-osx-aarch_64.jar
deleted file mode 100644
index c9d0213..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-native-kqueue-4.1.96.Final-osx-aarch_64.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-native-kqueue-4.1.96.Final-osx-x86_64.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-native-kqueue-4.1.96.Final-osx-x86_64.jar
deleted file mode 100644
index 4ef4beb..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-native-kqueue-4.1.96.Final-osx-x86_64.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-native-unix-common-4.1.96.Final.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-native-unix-common-4.1.96.Final.jar
deleted file mode 100644
index f8dfc95..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/netty-transport-native-unix-common-4.1.96.Final.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-core-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-core-api-5.0.0.jar
deleted file mode 100644
index f2904fe..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-core-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-core-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-core-impl-5.0.0.jar
deleted file mode 100644
index c95d7f2..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-core-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-messaging-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-messaging-api-5.0.0.jar
deleted file mode 100644
index 8416122..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-messaging-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-messaging-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-messaging-impl-5.0.0.jar
deleted file mode 100644
index 5c3650d..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-messaging-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-profile-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-profile-api-5.0.0.jar
deleted file mode 100644
index c76ceff..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-profile-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-profile-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-profile-impl-5.0.0.jar
deleted file mode 100644
index a738b7f..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-profile-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-saml-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-saml-api-5.0.0.jar
deleted file mode 100644
index adc8114..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-saml-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-saml-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-saml-impl-5.0.0.jar
deleted file mode 100644
index 394401c..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-saml-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-security-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-security-api-5.0.0.jar
deleted file mode 100644
index 241f727..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-security-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-security-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-security-impl-5.0.0.jar
deleted file mode 100644
index 054b998..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-security-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-soap-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-soap-api-5.0.0.jar
deleted file mode 100644
index 7517aad..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-soap-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-soap-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-soap-impl-5.0.0.jar
deleted file mode 100644
index afa9a8a..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-soap-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-spring-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-spring-5.0.0.jar
deleted file mode 100644
index e927908..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-spring-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-storage-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-storage-api-5.0.0.jar
deleted file mode 100644
index 33efa55..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-storage-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-storage-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-storage-impl-5.0.0.jar
deleted file mode 100644
index a36b309..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-storage-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-xmlsec-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-xmlsec-api-5.0.0.jar
deleted file mode 100644
index 022b670..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-xmlsec-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-xmlsec-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-xmlsec-impl-5.0.0.jar
deleted file mode 100644
index eee6cb2..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/opensaml-xmlsec-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-api-5.0.0.jar
deleted file mode 100644
index 22a36d6..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-filter-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-filter-api-5.0.0.jar
deleted file mode 100644
index 2165593..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-filter-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-filter-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-filter-impl-5.0.0.jar
deleted file mode 100644
index 58b0076..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-filter-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-filter-spring-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-filter-spring-5.0.0.jar
deleted file mode 100644
index 8eb3118..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-filter-spring-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-impl-5.0.0.jar
deleted file mode 100644
index 58b184f..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-resolver-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-resolver-api-5.0.0.jar
deleted file mode 100644
index 52a7d74..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-resolver-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-resolver-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-resolver-impl-5.0.0.jar
deleted file mode 100644
index c73807e..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-resolver-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-resolver-spring-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-resolver-spring-5.0.0.jar
deleted file mode 100644
index 1d8a4e1..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-attribute-resolver-spring-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-metadata-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-metadata-api-5.0.0.jar
deleted file mode 100644
index 6737038..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-metadata-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-metadata-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-metadata-impl-5.0.0.jar
deleted file mode 100644
index af21162..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-metadata-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-metadata-spring-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-metadata-spring-5.0.0.jar
deleted file mode 100644
index b8cff51..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-metadata-spring-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-networking-9.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-networking-9.0.0.jar
deleted file mode 100644
index 1546f93..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-networking-9.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-networking-spring-9.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-networking-spring-9.0.0.jar
deleted file mode 100644
index 042fd83..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-networking-spring-9.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-profile-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-profile-api-5.0.0.jar
deleted file mode 100644
index f6a4d89..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-profile-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-profile-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-profile-impl-5.0.0.jar
deleted file mode 100644
index 8a2abbb..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-profile-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-saml-attribute-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-saml-attribute-api-5.0.0.jar
deleted file mode 100644
index 43cf985..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-saml-attribute-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-saml-attribute-impl-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-saml-attribute-impl-5.0.0.jar
deleted file mode 100644
index 0b65d0f..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-saml-attribute-impl-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-saml-profile-api-5.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-saml-profile-api-5.0.0.jar
deleted file mode 100644
index 6cf87cd..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-saml-profile-api-5.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-security-9.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-security-9.0.0.jar
deleted file mode 100644
index 039d3b2..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-security-9.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-security-spring-9.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-security-spring-9.0.0.jar
deleted file mode 100644
index 3a98139..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-security-spring-9.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-service-9.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-service-9.0.0.jar
deleted file mode 100644
index 607ecdc..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-service-9.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-spring-9.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-spring-9.0.0.jar
deleted file mode 100644
index 75f8899..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-spring-9.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-support-9.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-support-9.0.0.jar
deleted file mode 100644
index 083378e..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-support-9.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-velocity-9.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-velocity-9.0.0.jar
deleted file mode 100644
index 12fc8ee..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-velocity-9.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-velocity-spring-9.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-velocity-spring-9.0.0.jar
deleted file mode 100644
index 83f7e61..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/shib-velocity-spring-9.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/slf4j-api-2.0.7.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/slf4j-api-2.0.7.jar
deleted file mode 100644
index be5447c..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/slf4j-api-2.0.7.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-aop-6.0.11.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-aop-6.0.11.jar
deleted file mode 100644
index b85ac74..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-aop-6.0.11.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-beans-6.0.11.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-beans-6.0.11.jar
deleted file mode 100644
index 1d04717..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-beans-6.0.11.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-binding-3.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-binding-3.0.0.jar
deleted file mode 100644
index 30411bd..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-binding-3.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-context-6.0.11.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-context-6.0.11.jar
deleted file mode 100644
index 3cf20fd..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-context-6.0.11.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-core-6.0.11.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-core-6.0.11.jar
deleted file mode 100644
index aa98cb5..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-core-6.0.11.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-expression-6.0.11.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-expression-6.0.11.jar
deleted file mode 100644
index b7ec1ec..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-expression-6.0.11.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-jcl-6.0.11.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-jcl-6.0.11.jar
deleted file mode 100644
index 634f654..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-jcl-6.0.11.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-web-6.0.11.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-web-6.0.11.jar
deleted file mode 100644
index 45d0248..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-web-6.0.11.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-webflow-3.0.0.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-webflow-3.0.0.jar
deleted file mode 100644
index 749e092..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-webflow-3.0.0.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-webmvc-6.0.11.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-webmvc-6.0.11.jar
deleted file mode 100644
index 8dc88a0..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spring-webmvc-6.0.11.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spymemcached-2.12.3.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spymemcached-2.12.3.jar
deleted file mode 100644
index 5635944..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/spymemcached-2.12.3.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/velocity-engine-core-2.3.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/velocity-engine-core-2.3.jar
deleted file mode 100644
index 879a7b4..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/velocity-engine-core-2.3.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/xmlsec-3.0.2.jar b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/xmlsec-3.0.2.jar
deleted file mode 100644
index aca0482..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/lib/xmlsec-3.0.2.jar and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/spring.tld b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/spring.tld
deleted file mode 100644
index 33eeaf1..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/spring.tld
+++ /dev/null
@@ -1,467 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<taglib xmlns="http://java.sun.com/xml/ns/j2ee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee https://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd"
- version="2.0">
-
- <description>Spring Framework JSP Tag Library</description>
- <tlib-version>4.0</tlib-version>
- <short-name>spring</short-name>
- <uri>http://www.springframework.org/tags</uri>
-
- <tag>
- <description>Sets default HTML escape value for the current page.
- Overrides a "defaultHtmlEscape" context-param in web.xml, if any.</description>
- <name>htmlEscape</name>
- <tag-class>org.springframework.web.servlet.tags.HtmlEscapeTag</tag-class>
- <body-content>JSP</body-content>
- <attribute>
- <description>Set the default value for HTML escaping, to be put
- into the current PageContext.</description>
- <name>defaultHtmlEscape</name>
- <required>true</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- </tag>
-
- <tag>
- <description>Escapes its enclosed body content, applying HTML escaping and/or JavaScript
- escaping. The HTML escaping flag participates in a page-wide or application-wide setting
- (i.e. by HtmlEscapeTag or a "defaultHtmlEscape" context-param in web.xml).</description>
- <name>escapeBody</name>
- <tag-class>org.springframework.web.servlet.tags.EscapeBodyTag</tag-class>
- <body-content>JSP</body-content>
- <attribute>
- <description>Set HTML escaping for this tag, as boolean value. Overrides the
- default HTML escaping setting for the current page.</description>
- <name>htmlEscape</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>Set JavaScript escaping for this tag, as boolean value.
- Default is 'false'.</description>
- <name>javaScriptEscape</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- </tag>
-
- <tag>
- <description>Retrieves the message with the given code, or text if code isn't resolvable.
- The HTML escaping flag participates in a page-wide or application-wide setting
- (i.e. by HtmlEscapeTag or a "defaultHtmlEscape" context-param in web.xml).</description>
- <name>message</name>
- <tag-class>org.springframework.web.servlet.tags.MessageTag</tag-class>
- <body-content>JSP</body-content>
- <attribute>
- <description>A MessageSourceResolvable argument (direct or through JSP EL).
- Fits nicely when used in conjunction with Spring's own validation error classes
- which all implement the MessageSourceResolvable interface. For example, this
- allows you to iterate over all of the errors in a form, passing each error
- (using a runtime expression) as the value of this 'message' attribute, thus
- effecting the easy display of such error messages.</description>
- <name>message</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>The code (key) to use when looking up the message.
- If code is not provided, the text attribute will be used.</description>
- <name>code</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>Set optional message arguments for this tag, as a (comma-)
- delimited String (each String argument can contain JSP EL), an Object array
- (used as argument array), or a single Object (used as single argument).
- You can additionally use nested spring:argument tags.</description>
- <name>arguments</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>The separator character to be used for splitting the
- arguments string value; defaults to a 'comma' (',').</description>
- <name>argumentSeparator</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>Default text to output when a message for the given code
- could not be found. If both text and code are not set, the tag will
- output null.</description>
- <name>text</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>The string to use when binding the result to the page,
- request, session or application scope. If not specified, the result
- gets outputted to the writer (i.e. typically directly to the JSP).</description>
- <name>var</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>The scope to use when exporting the result to a variable.
- This attribute is only used when var is also set. Possible values are
- page, request, session and application.</description>
- <name>scope</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>Set HTML escaping for this tag, as boolean value.
- Overrides the default HTML escaping setting for the current page.</description>
- <name>htmlEscape</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>Set JavaScript escaping for this tag, as boolean value.
- Default is 'false'.</description>
- <name>javaScriptEscape</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- </tag>
-
- <tag>
- <description>Retrieves the theme message with the given code, or text if code isn't
- resolvable. The HTML escaping flag participates in a page-wide or application-wide setting
- (i.e. by HtmlEscapeTag or a "defaultHtmlEscape" context-param in web.xml).</description>
- <name>theme</name>
- <tag-class>org.springframework.web.servlet.tags.ThemeTag</tag-class>
- <body-content>JSP</body-content>
- <attribute>
- <description>A MessageSourceResolvable argument (direct or through JSP EL).</description>
- <name>message</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>The code (key) to use when looking up the message.
- If code is not provided, the text attribute will be used.</description>
- <name>code</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>Set optional message arguments for this tag, as a (comma-)
- delimited String (each String argument can contain JSP EL), an Object array
- (used as argument array), or a single Object (used as single argument).
- You can additionally use nested spring:argument tags.</description>
- <name>arguments</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>The separator character to be used for splitting the
- arguments string value; defaults to a 'comma' (',').</description>
- <name>argumentSeparator</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>Default text to output when a message for the given code
- could not be found. If both text and code are not set, the tag will
- output null.</description>
- <name>text</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>The string to use when binding the result to the page,
- request, session or application scope. If not specified, the result
- gets outputted to the writer (i.e. typically directly to the JSP).</description>
- <name>var</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>The scope to use when exporting the result to a variable.
- This attribute is only used when var is also set. Possible values are
- page, request, session and application.</description>
- <name>scope</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>Set HTML escaping for this tag, as boolean value.
- Overrides the default HTML escaping setting for the current page.</description>
- <name>htmlEscape</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>Set JavaScript escaping for this tag, as boolean value.
- Default is 'false'.</description>
- <name>javaScriptEscape</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- </tag>
-
- <tag>
- <description>Argument tag based on the JSTL fmt:param tag. The purpose is to
- support arguments inside the spring:message and spring:theme tags.</description>
- <name>argument</name>
- <tag-class>org.springframework.web.servlet.tags.ArgumentTag</tag-class>
- <body-content>JSP</body-content>
- <attribute>
- <description>The value of the argument.</description>
- <name>value</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- <type>java.lang.Object</type>
- </attribute>
- </tag>
-
- <tag>
- <description>Provides Errors instance in case of bind errors. The HTML escaping
- flag participates in a page-wide or application-wide setting (i.e. by HtmlEscapeTag
- or a "defaultHtmlEscape" context-param in web.xml).</description>
- <name>hasBindErrors</name>
- <tag-class>org.springframework.web.servlet.tags.BindErrorsTag</tag-class>
- <body-content>JSP</body-content>
- <variable>
- <name-given>errors</name-given>
- <variable-class>org.springframework.validation.Errors</variable-class>
- </variable>
- <attribute>
- <description>The name of the bean in the request, that needs to be
- inspected for errors. If errors are available for this bean, they
- will be bound under the 'errors' key.</description>
- <name>name</name>
- <required>true</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>Set HTML escaping for this tag, as boolean value.
- Overrides the default HTML escaping setting for the current page.</description>
- <name>htmlEscape</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- </tag>
-
- <tag>
- <description>Sets a nested path to be used by the bind tag's path.</description>
- <name>nestedPath</name>
- <tag-class>org.springframework.web.servlet.tags.NestedPathTag</tag-class>
- <body-content>JSP</body-content>
- <variable>
- <name-given>nestedPath</name-given>
- <variable-class>java.lang.String</variable-class>
- </variable>
- <attribute>
- <description>Set the path that this tag should apply. E.g. 'customer'
- to allow bind paths like 'address.street' rather than
- 'customer.address.street'.</description>
- <name>path</name>
- <required>true</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- </tag>
-
- <tag>
- <description>Provides BindStatus object for the given bind path. The HTML escaping
- flag participates in a page-wide or application-wide setting (i.e. by HtmlEscapeTag
- or a "defaultHtmlEscape" context-param in web.xml).</description>
- <name>bind</name>
- <tag-class>org.springframework.web.servlet.tags.BindTag</tag-class>
- <body-content>JSP</body-content>
- <variable>
- <name-given>status</name-given>
- <variable-class>org.springframework.web.servlet.support.BindStatus</variable-class>
- </variable>
- <attribute>
- <description>The path to the bean or bean property to bind status
- information for. For instance account.name, company.address.zipCode
- or just employee. The status object will exported to the page scope,
- specifically for this bean or bean property.</description>
- <name>path</name>
- <required>true</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>Set whether to ignore a nested path, if any.
- Default is to not ignore.</description>
- <name>ignoreNestedPath</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>Set HTML escaping for this tag, as boolean value. Overrides
- the default HTML escaping setting for the current page.</description>
- <name>htmlEscape</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- </tag>
-
- <tag>
- <description>Provides transformation of variables to Strings, using an appropriate
- custom PropertyEditor from BindTag (can only be used inside BindTag). The HTML
- escaping flag participates in a page-wide or application-wide setting (i.e. by
- HtmlEscapeTag or a 'defaultHtmlEscape' context-param in web.xml).</description>
- <name>transform</name>
- <tag-class>org.springframework.web.servlet.tags.TransformTag</tag-class>
- <body-content>JSP</body-content>
- <attribute>
- <description>The value to transform. This is the actual object you want
- to have transformed (for instance a Date). Using the PropertyEditor that
- is currently in use by the 'spring:bind' tag.</description>
- <name>value</name>
- <required>true</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>The string to use when binding the result to the page,
- request, session or application scope. If not specified, the result gets
- outputted to the writer (i.e. typically directly to the JSP).</description>
- <name>var</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>The scope to use when exported the result to a variable.
- This attribute is only used when var is also set. Possible values are
- page, request, session and application.</description>
- <name>scope</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>Set HTML escaping for this tag, as boolean value. Overrides
- the default HTML escaping setting for the current page.</description>
- <name>htmlEscape</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- </tag>
-
- <tag>
- <description>URL tag based on the JSTL c:url tag. This variant is fully
- backwards compatible with the standard tag. Enhancements include support
- for URL template parameters.</description>
- <name>url</name>
- <tag-class>org.springframework.web.servlet.tags.UrlTag</tag-class>
- <body-content>JSP</body-content>
- <attribute>
- <description>The URL to build. This value can include template place holders
- that are replaced with the URL encoded value of the named parameter. Parameters
- must be defined using the param tag inside the body of this tag.</description>
- <name>value</name>
- <required>true</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>Specifies a remote application context path. The default is the
- current application context path.</description>
- <name>context</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>The name of the variable to export the URL value to.</description>
- <name>var</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>The scope for the var. 'application', 'session', 'request' and
- 'page' scopes are supported. Defaults to page scope. This attribute has no
- effect unless the var attribute is also defined.</description>
- <name>scope</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>Set HTML escaping for this tag, as a boolean value. Overrides the
- default HTML escaping setting for the current page.</description>
- <name>htmlEscape</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>Set JavaScript escaping for this tag, as a boolean value.
- Default is 'false'.</description>
- <name>javaScriptEscape</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- </tag>
-
- <tag>
- <description>Parameter tag based on the JSTL c:param tag. The sole purpose is to
- support params inside the spring:url tag.</description>
- <name>param</name>
- <tag-class>org.springframework.web.servlet.tags.ParamTag</tag-class>
- <body-content>JSP</body-content>
- <attribute>
- <description>The name of the parameter.</description>
- <name>name</name>
- <required>true</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>The value of the parameter.</description>
- <name>value</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- </tag>
-
- <tag>
- <description>Evaluates a Spring expression (SpEL) and either prints the result
- or assigns it to a variable.</description>
- <name>eval</name>
- <tag-class>org.springframework.web.servlet.tags.EvalTag</tag-class>
- <body-content>JSP</body-content>
- <attribute>
- <description>The expression to evaluate.</description>
- <name>expression</name>
- <required>true</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>The name of the variable to export the evaluation result to.</description>
- <name>var</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>The scope for the var. 'application', 'session', 'request' and
- 'page' scopes are supported. Defaults to page scope. This attribute has no
- effect unless the var attribute is also defined.</description>
- <name>scope</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>Set HTML escaping for this tag, as a boolean value. Overrides the
- default HTML escaping setting for the current page.</description>
- <name>htmlEscape</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- <attribute>
- <description>Set JavaScript escaping for this tag, as a boolean value.
- Default is 'false'.</description>
- <name>javaScriptEscape</name>
- <required>false</required>
- <rtexprvalue>true</rtexprvalue>
- </attribute>
- </tag>
-
- <function>
- <description>Helps to prepare a URL to a Spring MVC controller method.</description>
- <name>mvcUrl</name>
- <function-class>org.springframework.web.servlet.mvc.method.annotation.MvcUriComponentsBuilder</function-class>
- <function-signature>org.springframework.web.servlet.mvc.method.annotation.MvcUriComponentsBuilder.MethodArgumentBuilder fromMappingName(java.lang.String)</function-signature>
- </function>
-
-</taglib>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/web.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/web.xml
deleted file mode 100644
index 13335b2..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/WEB-INF/web.xml
+++ /dev/null
@@ -1,150 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" version="3.0">
-
- <display-name>Shibboleth Identity Provider</display-name>
-
- <!--
- The context parameters below control V5+ auto-registration support.
- Those desiring complete control over all of these steps can disable them
- but this is not generally recommended, apart from toggling the optional
- servlets that may not be needed.
- -->
-
- <!-- Registers Spring support. -->
- <context-param>
- <param-name>net.shibboleth.idp.registerSpringConfig</param-name>
- <param-value>true</param-value>
- </context-param>
-
- <!-- Auto-registers Java filter chain required by IdP. -->
- <context-param>
- <param-name>net.shibboleth.idp.registerFilterChain</param-name>
- <param-value>true</param-value>
- </context-param>
-
- <!-- Auto-registers IdP dispatcher servlet. -->
- <context-param>
- <param-name>net.shibboleth.idp.registerIdPServlet</param-name>
- <param-value>true</param-value>
- </context-param>
-
- <!-- Registers optional servlets used for RemoteUser and X509 login flows. -->
- <context-param>
- <param-name>net.shibboleth.idp.registerRemoteUserServlet</param-name>
- <param-value>true</param-value>
- </context-param>
- <context-param>
- <param-name>net.shibboleth.idp.registerX509Servlet</param-name>
- <param-value>true</param-value>
- </context-param>
-
- <!-- Registers /shibboleth to return metadata file. -->
- <context-param>
- <param-name>net.shibboleth.idp.registerMetadataServlet</param-name>
- <param-value>true</param-value>
- </context-param>
-
- <!-- Send servlet errors through the IdP's MVC error handling. -->
- <error-page>
- <exception-type>net.shibboleth.idp.authn.ExternalAuthenticationException</exception-type>
- <location>/profile/RaiseError</location>
- </error-page>
-
- <session-config>
- <session-timeout>15</session-timeout>
- <cookie-config>
- <!-- Comment name and path to revert __Host- protection. -->
- <name>__Host-JSESSIONID</name>
- <path>/</path>
- <secure>true</secure>
- <http-only>true</http-only>
- </cookie-config>
- <tracking-mode>COOKIE</tracking-mode>
- </session-config>
-
- <!-- Allow intended methods by using an absent auth-constraint. -->
- <security-constraint>
- <web-resource-collection>
- <web-resource-name>Non-API Content</web-resource-name>
- <url-pattern>/*</url-pattern>
- <http-method>GET</http-method>
- <http-method>HEAD</http-method>
- <http-method>OPTIONS</http-method>
- <http-method>POST</http-method>
- </web-resource-collection>
- <!-- no auth-constraint tag here -->
- </security-constraint>
-
- <!-- Disallow other methods by using an empty auth-constraint. -->
- <security-constraint>
- <web-resource-collection>
- <web-resource-name>Non-API Content</web-resource-name>
- <url-pattern>/*</url-pattern>
- <http-method-omission>GET</http-method-omission>
- <http-method-omission>HEAD</http-method-omission>
- <http-method-omission>OPTIONS</http-method-omission>
- <http-method-omission>POST</http-method-omission>
- </web-resource-collection>
- <auth-constraint/>
- </security-constraint>
-
- <!-- Allow any HTTP methods to the API flows. -->
- <security-constraint>
- <web-resource-collection>
- <web-resource-name>Administrative APIs</web-resource-name>
- <url-pattern>/profile/admin/*</url-pattern>
- </web-resource-collection>
- <!-- no auth-constraint tag here -->
- </security-constraint>
-
- <!--
- Uncomment to use container managed authentication. The new servlet spec (3.1)
- supports "**" as a wildcard syntax to avoid role usage, which is normally desirable.
- Older containers usually support "*" when proprietary options are used (e.g., Jetty
- requires setting the Strict property on the SecurityManager.)
- -->
- <!--
- <security-constraint>
- <display-name>Web Login Service</display-name>
- <web-resource-collection>
- <web-resource-name>user authentication</web-resource-name>
- <url-pattern>/Authn/RemoteUser</url-pattern>
- <url-pattern>/profile/SAML2/SOAP/ECP</url-pattern>
- <http-method>POST</http-method>
- </web-resource-collection>
- <auth-constraint>
- <role-name>**</role-name>
- </auth-constraint>
- <user-data-constraint>
- <transport-guarantee>CONFIDENTIAL</transport-guarantee>
- </user-data-constraint>
- </security-constraint>
- -->
-
- <!-- Uncomment if you want BASIC auth managed by the container. -->
- <!--
- <login-config>
- <auth-method>BASIC</auth-method>
- <realm-name>Web Login Service</realm-name>
- </login-config>
- -->
-
- <!--
- Uncomment if you want form-based auth managed by the container.
- NOTE that the default form-login UI in the IdP is not compatible
- with this option, and you will need to supply your own JSP form
- and error page. This is not a recommended approach and is severely
- limited in functionality as compared to using the IdP's own UI.
- -->
- <!--
- <login-config>
- <auth-method>FORM</auth-method>
- <realm-name>Web Login Service</realm-name>
- <form-login-config>
- <form-login-page>/login.jsp</form-login-page>
- <form-error-page>/login-error.jsp</form-error-page>
- </form-login-config>
- </login-config>
- -->
-</web-app>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/css/logout.css b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/css/logout.css
deleted file mode 100644
index 5cd06c1..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/css/logout.css
+++ /dev/null
@@ -1,20 +0,0 @@
-/* Success/Failure indicators for logout propagation. */
-ol li:before {
- content: ''
-}
-li.logout {
- line-height: 36px;
- padding-left: 36px;
-}
-li.logout.success {
- background: url(../images/success-32x32.png) no-repeat left center;
-}
-li.logout.failure {
- background: url(../images/failure-32x32.png) no-repeat left center;
-}
-li.logout.pending{
-
-}
-li.logout.na {
- background: url(../images/failure-32x32.png) no-repeat left center;
-}
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/css/placeholder.css b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/css/placeholder.css
deleted file mode 100644
index c1dbe1c..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/css/placeholder.css
+++ /dev/null
@@ -1,802 +0,0 @@
-/* Colours pallet
-
-To change the colours, use find and replace with the values below:
-
- #ECEFF1 - Body background, header / section border, read only / disabled input fields.
-
- #1534E3 - Links, buttons, list items, selected radio, selected checkbox.
-
- #1A237E - Hover buttons.
-
- #32424A - Body text, input fields border.
-
- #7A2D00 - Output message.
-
- #B50024 - Error messages / fields.
-
- #1C7D40 - Success messages / fields.
-
- #999999 - read only / disabled input fields.
-
-*/
-
-html, html * {
- margin: 0;
- padding: 0;
- border: 0;
- font-size: 100%;
- font: inherit;
- vertical-align: baseline;
- box-sizing: border-box;
- background: none;
- background-repeat: no-repeat;
- background-position: left top;
- border: 0;
- outline: 0;
-}
-
-html {
- height: 100%;
-}
-
-/* HTML5 display-role reset for older browsers */
-article, aside, details, figcaption, figure, footer, header, hgroup, menu, nav, section, main {
- display: block;
-}
-
-/* Default document styles - fonts, font sizes, text colours, font weight */
-body {
- font-family: Segoe UI, Helvetica, Arial, sans-serif, Apple Color Emoji, Segoe UI Emoji, Segoe UI Symbol;
- font-size: 16px;
- font-size: 1rem;
- line-height: 24px;
- line-height: 1.5rem;
- color: #32424a;
- font-weight: 400;
- max-width: 3000px;
- margin: 0 auto;
- background-color: #eceff1;
- padding: 24px;
-}
-
-/* Links */
-a[href] {
- text-decoration: none;
- color: #1534e3;
-}
-
-/* Link hover states */
-a[href]:hover, a[href]:active, a[href]:focus {
- text-decoration: underline;
- color: #1534e3;
-}
-
-/* Heading styles */
-h1 {
- font-size: 24px;
- font-size: 1.5rem;
- line-height: 28px;
- line-height: 1.75rem;
- font-weight: 700;
-}
-
-h2 {
- font-size: 20px;
- font-size: 1.25rem;
- line-height: 25px;
- line-height: 1.5rem;
- font-weight: 400;
-}
-
-h3 {
- font-size: 16px;
- font-size: 1rem;
- line-height: 22px;
- line-height: 1.375rem;
- font-weight: 700;
-}
-
-h4 {
- font-size: 14px;
- font-size: 0.875rem;
- line-height: 18px;
- line-height: 1.125rem;
- font-weight: 700;
- margin-bottom: 0.5em;
-}
-
-h5 {
- font-size: 14px;
- font-size: 0.875rem;
- line-height: 18px;
- line-height: 1.125rem;
- font-weight: 400;
-}
-
-h1, h2, h3, h4, h5, h6, p {
- margin-bottom: 1em;
-}
-
-h1:last-child, h2:last-child, h3:last-child, h4:last-child, h5:last-child, h6:last-child, p:last-child {
- margin-bottom: 0px;
-}
-
-/* List styles */
-ol, ul {
- list-style: none;
- margin: 20px 0;
-}
-
-ol:before, ol:after,
-ul:before, ul:after {
- content: " ";
- display: table;
-}
-
-ol:after,
-ul:after {
- clear: both;
-}
-
-ol:last-child,
-ul:last-child {
- margin-bottom: 0px;
-}
-
-ol:first-child,
-ul:first-child {
- margin-top: 0px;
-}
-
-ul li {
- padding-left: 22px;
- margin-bottom: 4px;
- position: relative;
- list-style: none;
-}
-
-ul li:last-child {
- margin-bottom: 0px;
-}
-
-ul li:before {
- content: '';
- -webkit-border-radius: 2px;
- -ms-border-radius: 2px;
- -moz-border-radius: 2px;
- -o-border-radius: 2px;
- border-radius: 2px;
- background-color: #1534e3;
- height: 7px;
- width: 7px;
- display: block;
- position: absolute;
- left: 0;
- top: 7px;
-}
-
-ol {
- counter-reset: item;
-}
-
-ol li {
- padding-left: 22px;
- margin-bottom: 10px;
- position: relative;
- list-style: none;
-}
-
-ol li:last-child {
- margin-bottom: 0px;
-}
-
-ol li:before {
- color: #1534e3;
- position: absolute;
- left: 0;
- content: counter(item) ". ";
- counter-increment: item;
- font-weight: 700;
- top: 1px;
-}
-
-ol li:nth-child(n+10) {
- padding-left: 30px;
-}
-
-ol li:nth-child(n+100) {
- padding-left: 38px;
-}
-
-hr {
- width: 100%;
- clear: both;
- border: 0;
- outline: 0;
- background-color: #eceff1;
- height: 1px;
- display: block;
- margin: 30px 0;
-}
-
-b, strong {
- font-weight: 700;
-}
-
-i, em {
- font-style: italic;
-}
-
-small {
- font-size: 0.8em;
-}
-
-big {
- font-size: 1.2em;
-}
-
-.cc {
- clear: both;
- margin: 0 auto;
- width: 100%;
- max-width: 649px;
- padding: 0 0;
-}
-
-.cc:before, .cc:after {
- content: " ";
- display: table;
-}
-
-.cc:after {
- clear: both;
-}
-
-img {
- max-width: 100%;
- height: auto;
-}
-
-/* Main content area */
-main {
- clear: both;
- margin: 0 auto;
- width: 100%;
- max-width: 800px;
- background-color: #fff;
- -webkit-border-radius: 8px;
- -ms-border-radius: 8px;
- -moz-border-radius: 8px;
- -o-border-radius: 8px;
- border-radius: 8px;
- -webkit-box-shadow: 0px 0px 10px 0px rgba(38, 50, 56, 0.11);
- -ms-box-shadow: 0px 0px 10px 0px rgba(38, 50, 56, 0.11);
- -moz-box-shadow: 0px 0px 10px 0px rgba(38, 50, 56, 0.11);
- -o-box-shadow: 0px 0px 10px 0px rgba(38, 50, 56, 0.11);
- box-shadow: 0px 0px 10px 0px rgba(38, 50, 56, 0.11);
-}
-
-/* Add a border top when 2 sections are together */
-main section + section {
- border-top: 1px solid #eceff1;
-}
-
-/* Header */
-header {
- display: block; /* Change to display: none to hide */
- border-bottom: 1px solid #eceff1;
- text-align: center;
- padding: 6% 8%;
-}
-
-header .main-logo {
- display: block;
- margin: 0 auto;
-}
-
-.service-logo {
- display: block;
- margin: 24px 0;
-}
-
-section {
- padding: 4% 8% 4% 8%;
-}
-
-/* Output Messages */
-.output-message {
- font-size: 14px;
- font-size: 0.875rem;
- line-height: 18px;
- line-height: 1.125rem;
- font-style: italic;
- -webkit-border-radius: 4px;
- -ms-border-radius: 4px;
- -moz-border-radius: 4px;
- -o-border-radius: 4px;
- border-radius: 4px;
- background-color: #FFD8C2;
- display: block;
- padding: 4%;
- margin-bottom: 20px;
- color: #7A2D00;
-}
-
-.output-message:last-child {
- margin-bottom: 0px;
-}
-
-/* Output Message Success */
-.output-message.output--success {
- background-color: #DCF9E7;
- color: #1C7D40;
-}
-
-/* Output Message Error */
-.output-message.output--error {
- background-color: #FFF0F3;
- color: #B50024;
-}
-
-.boxed {
- -webkit-border-radius: 4px;
- -ms-border-radius: 4px;
- -moz-border-radius: 4px;
- -o-border-radius: 4px;
- border-radius: 4px;
- -webkit-box-shadow: 0px 0px 10px 0px rgba(38, 50, 56, 0.11);
- -ms-box-shadow: 0px 0px 10px 0px rgba(38, 50, 56, 0.11);
- -moz-box-shadow: 0px 0px 10px 0px rgba(38, 50, 56, 0.11);
- -o-box-shadow: 0px 0px 10px 0px rgba(38, 50, 56, 0.11);
- box-shadow: 0px 0px 10px 0px rgba(38, 50, 56, 0.11);
- background-color: #fff;
- padding: 6%;
- margin: 30px 0;
-}
-
-.boxed:last-child {
- margin-bottom: 0px;
-}
-
-.boxed:first-child {
- margin-top: 0px;
-}
-
-/* Footer style */
-footer {
- z-index: 1;
- position: relative;
- text-align: center;
- margin-top: 20px;
- font-size: 12px;
- font-size: 0.75rem;
- line-height: 16px;
- line-height: 1rem;
-}
-
-/* Forms styles */
-fieldset {
- display: block;
- margin-bottom: 20px;
-}
-
-fieldset:last-child {
- margin-bottom: 0px;
-}
-
-fieldset .field-validation {
- display: block;
- margin-top: 10px;
-}
-
-fieldset .error {
- color: #B50024;
-}
-
-fieldset legend span {
- display: block;
- text-indent: 100%;
- white-space: nowrap;
- overflow: hidden;
- height: 0;
-}
-
-/* Form labels */
-label {
- vertical-align: top;
- font-size: 14px;
- font-size: 0.875rem;
- line-height: 18px;
- line-height: 1.125rem;
- font-weight: 700;
- display: block;
- color: #32424a;
- margin-bottom: 6px;
-}
-
-label:focus {
- color: #1534E3;
-}
-
-/* Form input fields */
-input[type="text"],
-input[type="email"],
-input[type="password"],
-input[type="telephone"],
-input[type="tel"],
-input[type="url"],
-textarea,
-select {
- background-color: #fff;
- border: 2px solid #32424a;
- -webkit-transition: all 0.3s ease-in-out;
- -moz-transition: all 0.3s ease-in-out;
- -ms-transition: all 0.3s ease-in-out;
- -o-transition: all 0.3s ease-in-out;
- transition: all 0.3s ease-in-out;
- color: #32424a;
- padding: 13px 20px;
- display: block;
- width: 100%;
- -webkit-appearance: none;
- -ms-appearance: none;
- -moz-appearance: none;
- -o-appearance: none;
- appearance: none;
- -webkit-border-radius: 4px;
- -ms-border-radius: 4px;
- -moz-border-radius: 4px;
- -o-border-radius: 4px;
- border-radius: 4px;
-}
-
-/* Form input focus */
-input[type="text"]:focus,
-input[type="email"]:focus,
-input[type="password"]:focus,
-input[type="telephone"]:focus,
-input[type="tel"]:focus,
-input[type="url"]:focus,
-textarea:focus,
-select:focus,
-input[type="text"]:active,
-input[type="email"]:active,
-input[type="password"]:active,
-input[type="telephone"]:active,
-input[type="tel"]:active,
-input[type="url"]:active,
-textarea:active,
-select:active {
- border-color: #1534e3;
- background-color: #fff;
-}
-
-/* Form input errors */
-input[type="text"].error,
-input[type="email"].error,
-input[type="password"].error,
-input[type="telephone"].error,
-input[type="tel"].error,
-input[type="url"].error,
-textarea.error,
-select.error {
- border-color: #B50024;
-}
-
-/* Form input read only / disabled */
-input[type="text"]:read-only,
-input[type="email"]:read-only,
-input[type="password"]:read-only,
-input[type="telephone"]:read-only,
-input[type="tel"]:read-only,
-input[type="url"]:read-only,
-textarea:read-only,
-select:read-only,
-input[type="text"]:disabled,
-input[type="email"]:disabled,
-input[type="password"]:disabled,
-input[type="telephone"]:disabled,
-input[type="tel"]:disabled,
-input[type="url"]:disabled,
-textarea:disabled,
-select:disabled {
- background-color: #ECEFF1;
- pointer-events: none;
-}
-
-/* Text areas */
-textarea {
- height: 124px;
- resize: none;
-}
-
-
-/* Dropdowns */
-select {
- -webkit-appearance: auto;
- -ms-appearance: auto;
- -moz-appearance: auto;
- -o-appearance: auto;
- appearance: auto;
-}
-
-select:read-only {
- background-color: #fff;
- pointer-events: unset;
-}
-
-select::-ms-expand {
- display: none;
-}
-
-/* Checkboxes / Radio buttons */
-input[type="checkbox"], input[type="radio"] {
- position : absolute;
- opacity: 0;
- height: 0;
- width: 0;
-}
-
-input[type="checkbox"] + label, input[type="radio"] + label {
- display: block;
- font-weight: 400;
- font-size: 16px;
- font-size: 1rem;
- line-height: 24px;
- line-height: 1.5rem;
- cursor: pointer;
- position: relative;
- padding-left: 30px;
- padding-top: 3px;
- margin-bottom: 4px;
- margin-right: 12px;
- display: inline-block;
-}
-
-input[type="checkbox"] + label:before, input[type="radio"] + label:before {
- content: "";
- position: absolute;
- top: 2px;
- left: 0;
- height: 20px;
- width: 20px;
- background-color: #fff;
- border: 2px solid #32424a;
- -webkit-transition: all 0.2s ease-out;
- -ms-transition: all 0.2s ease-out;
- -moz-transition: all 0.2s ease-out;
- -o-transition: all 0.2s ease-out;
- transition: all 0.2s ease-out;
-}
-
-input[type="checkbox"] + label:after, input[type="radio"] + label:after {
- content: "";
- position: absolute;
- -webkit-transform: rotate(45deg);
- -ms-transform: rotate(45deg);
- -moz-transform: rotate(45deg);
- -o-transform: rotate(45deg);
- transform: rotate(45deg);
- display: none;
-}
-
-input[type="checkbox"]:checked + label, input[type="radio"]:checked + label,
-input[type="checkbox"]:focus + label, input[type="radio"]:focus + label {
- color: #1534e3;
-}
-
-input[type="checkbox"]:checked + label:before, input[type="radio"]:checked + label:before,
-input[type="checkbox"]:focus + label:before, input[type="radio"]:focus + label:before {
- border-color: #1534e3;
-}
-
-input[type="checkbox"]:checked + label:after, input[type="radio"]:checked + label:after {
- display: block;
-}
-
-input[type="checkbox"] + label:before {
- -webkit-border-radius: 4px;
- -ms-border-radius: 4px;
- -moz-border-radius: 4px;
- -o-border-radius: 4px;
- border-radius: 4px;
-}
-
-input[type="checkbox"] + label:after {
- left: 8px;
- top: 5px;
- width: 4px;
- height: 10px;
- border: solid #1534e3;
- border-width: 0 4px 4px 0;
-}
-
-input[type="radio"] + label:before {
- -webkit-border-radius: 100%;
- -ms-border-radius: 100%;
- -moz-border-radius: 100%;
- -o-border-radius: 100%;
- border-radius: 100%;
-}
-
-input[type="radio"] + label:after {
- background-color: #1534e3;
- height: 12px;
- width: 12px;
- -webkit-border-radius: 100%;
- -ms-border-radius: 100%;
- -moz-border-radius: 100%;
- -o-border-radius: 100%;
- border-radius: 100%;
- left: 6px;
- top: 8px;
-}
-
-/* Buttons / Submit buttons */
-button, input[type=button],
-input[type=submit],
-a.button,
-.button {
- display: inline-block;
- text-align: center;
- background-color: #1534e3;
- border: 4px solid #1534e3;
- font-weight: 700;
- padding: 11px 74px;
- cursor: pointer;
- color: #fff;
- -webkit-appearance: none;
- -ms-appearance: none;
- -moz-appearance: none;
- -o-appearance: none;
- appearance: none;
- -webkit-border-radius: 4px;
- -ms-border-radius: 4px;
- -moz-border-radius: 4px;
- -o-border-radius: 4px;
- border-radius: 4px;
- -webkit-transition: all 0.2s ease-out;
- -ms-transition: all 0.2s ease-out;
- -moz-transition: all 0.2s ease-out;
- -o-transition: all 0.2s ease-out;
- transition: all 0.2s ease-out;
-}
-
-/* Button hover & focus states */
-button:hover,
-input[type=button]:hover,
-input[type=submit]:hover,
-a.button:hover,
-.button:hover,
-button:focus,
-input[type=button]:focus,
-input[type=submit]:focus,
-a.button:focus,
-.button:focus {
- background: #1a237e;
- color: #fff !important;
- text-decoration: none !important;
- border-color: #1a237e;
-}
-
-/* Secondary button styles */
-button.button--secondary,
-input[type=button].button--secondary,
-input[type=submit].button--secondary,
-a.button.button--secondary,
-.button.button--secondary {
- background-color: transparent;
- border-color: #1534e3;
- color: #1534e3;
-}
-
-/* Secondary button hover & focus states */
-button.button--secondary:hover,
-input[type=button].button--secondary:hover,
-input[type=submit].button--secondary:hover,
-a.button.button--secondary:hover,
-.button.button--secondary:hover,
-button.button--secondary:focus,
-input[type=button].button--secondary:focus,
-input[type=submit].button--secondary:focus,
-a.button.button--secondary:focus,
-.button.button--secondary:focus {
- background: #1a237e;
- border-color: #1a237e;
-}
-
-/* Secondary button disabled states */
-button.button--secondary:disabled,
-input[type=button].button--secondary:disabled,
-input[type=submit].button--secondary:disabled,
-a.button.button--secondary:disabled,
-.button.button--secondary:disabled {
- background-color: transparent;
- color: #999999;
-}
-
-/* Full width buttons */
-button.button--full,
-input[type=button].button--full,
-input[type=submit].button--full,
-a.button.button--full,
-.button.button--full {
- width: 100%;
- padding-left: 30px;
- padding-right: 30px;
-}
-
-/* Button disabled states */
-button:disabled,
-input[type=button]:disabled,
-input[type=submit]:disabled,
-a.button:disabled,
-.button:disabled {
- pointer-events: none;
- background-color: #999999;
- border-color: #999999;
-}
-
-/* Placeholder styles */
-::-webkit-input-placeholder {
- color: #a9b0b4;
-}
-
-:-moz-placeholder {
- color: #a9b0b4;
-}
-
-::-moz-placeholder {
- color: #a9b0b4;
-}
-
-:-ms-input-placeholder {
- color: #a9b0b4;
-}
-
-.grid {
- margin-top: 12px;
-}
-
-/* Grid (used for 2 columns) */
-.grid:before, .grid:after {
- content: " ";
- display: table;
-}
-
-.grid:after {
- clear: both;
-}
-
-.grid > .grid-item {
- margin-bottom: 18px;
- min-height: 1px;
- width: 100%;
-}
-
-.grid:last-child > .item:last-child {
- margin-bottom: 0px;
-}
-
-@media screen and (min-width: 760px) {
-
- .grid.md-2 > .grid-item {
- float: left;
- width: 48.34436%;
- margin-right: 3.31126%;
- }
-
- .grid.md-2 > .grid-item:nth-child(n), .grid.md-2 > .grid-item:nth-of-type(n) {
- margin-right: 3.31126%;
- clear: none;
- }
-
- .grid.md-2 > .grid-item:nth-child(2n) {
- margin-right: 0;
- }
-
- .grid.md-2 > .grid-item:nth-child(2n+1) {
- clear: both;
- }
-
-}
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/images/failure-32x32.png b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/images/failure-32x32.png
deleted file mode 100644
index 3c48e46..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/images/failure-32x32.png and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/images/placeholder-logo.png b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/images/placeholder-logo.png
deleted file mode 100644
index f5807ed..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/images/placeholder-logo.png and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/images/success-32x32.png b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/images/success-32x32.png
deleted file mode 100644
index aa51204..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/images/success-32x32.png and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/index.jsp b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/index.jsp
deleted file mode 100644
index 087cee2..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/index.jsp
+++ /dev/null
@@ -1,31 +0,0 @@
-<%@ page pageEncoding="UTF-8" %>
-<%@ taglib uri="http://www.springframework.org/tags" prefix="spring" %>
-<!DOCTYPE html>
-<html>
- <head>
- <meta charset="utf-8">
- <title><spring:message code="root.title" text="Shibboleth IdP" /></title>
- <link rel="stylesheet" type="text/css" href="<%= request.getContextPath()%><spring:message code="root.css" text="/css/placeholder.css" />">
- </head>
-
- <body>
- <div class="wrapper">
- <div class="container">
- <header>
- <img src="<%= request.getContextPath() %><spring:message code="idp.logo" />" alt="<spring:message code="idp.logo.alt-text" text="logo" />">
- </header>
-
- <div class="content">
- <h2><spring:message code="root.message" text="No services are available at this location." /></h2>
- </div>
- </div>
-
- <footer>
- <div class="container container-footer">
- <p class="footer-text"><spring:message code="root.footer" text="Insert your footer text here." /></p>
- </div>
- </footer>
- </div>
-
- </body>
-</html>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/js/jquery-3.6.0.min.js b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/js/jquery-3.6.0.min.js
deleted file mode 100644
index c4c6022..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/dist/webapp/js/jquery-3.6.0.min.js
+++ /dev/null
@@ -1,2 +0,0 @@
-/*! jQuery v3.6.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */
-!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"object"==typeof e||"function"==typeof e?n[o.call(e)]||"object":typeof e}var f="3.6.0",S=function(e,t){return new S.fn.init(e,t)};function p(e){var t=!!e&&"length"in e&&e.length,n=w(e);return!m(e)&&!x(e)&&("array"===n||0===t||"number"==typeof t&&0<t&&t-1 in e)}S.fn=S.prototype={jquery:f,constructor:S,length:0,toArray:function(){return s.call(this)},get:function(e){return null==e?s.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=S.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return S.each(this,e)},map:function(n){return this.pushStack(S.map(this,function(e,t){return n.call(e,t,e)}))},slice:function(){return this.pushStack(s.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},even:function(){return this.pushStack(S.grep(this,function(e,t){return(t+1)%2}))},odd:function(){return this.pushStack(S.grep(this,function(e,t){return t%2}))},eq:function(e){var t=this.length,n=+e+(e<0?t:0);return this.pushStack(0<=n&&n<t?[this[n]]:[])},end:function(){return this.prevObject||this.constructor()},push:u,sort:t.sort,splice:t.splice},S.extend=S.fn.extend=function(){var e,t,n,r,i,o,a=arguments[0]||{},s=1,u=arguments.length,l=!1;for("boolean"==typeof a&&(l=a,a=arguments[s]||{},s++),"object"==typeof a||m(a)||(a={}),s===u&&(a=this,s--);s<u;s++)if(null!=(e=arguments[s]))for(t in e)r=e[t],"__proto__"!==t&&a!==r&&(l&&r&&(S.isPlainObject(r)||(i=Array.isArray(r)))?(n=a[t],o=i&&!Array.isArray(n)?[]:i||S.isPlainObject(n)?n:{},i=!1,a[t]=S.extend(l,o,r)):void 0!==r&&(a[t]=r));return a},S.extend({expando:"jQuery"+(f+Math.random()).replace(/\D/g,""),isReady:!0,error:function(e){throw new Error(e)},noop:function(){},isPlainObject:function(e){var t,n;return!(!e||"[object Object]"!==o.call(e))&&(!(t=r(e))||"function"==typeof(n=v.call(t,"constructor")&&t.constructor)&&a.call(n)===l)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t,n){b(e,{nonce:t&&t.nonce},n)},each:function(e,t){var n,r=0;if(p(e)){for(n=e.length;r<n;r++)if(!1===t.call(e[r],r,e[r]))break}else for(r in e)if(!1===t.call(e[r],r,e[r]))break;return e},makeArray:function(e,t){var n=t||[];return null!=e&&(p(Object(e))?S.merge(n,"string"==typeof e?[e]:e):u.call(n,e)),n},inArray:function(e,t,n){return null==t?-1:i.call(t,e,n)},merge:function(e,t){for(var n=+t.length,r=0,i=e.length;r<n;r++)e[i++]=t[r];return e.length=i,e},grep:function(e,t,n){for(var r=[],i=0,o=e.length,a=!n;i<o;i++)!t(e[i],i)!==a&&r.push(e[i]);return r},map:function(e,t,n){var r,i,o=0,a=[];if(p(e))for(r=e.length;o<r;o++)null!=(i=t(e[o],o,n))&&a.push(i);else for(o in e)null!=(i=t(e[o],o,n))&&a.push(i);return g(a)},guid:1,support:y}),"function"==typeof Symbol&&(S.fn[Symbol.iterator]=t[Symbol.iterator]),S.each("Boolean Number String Function Array Date RegExp Object Error Symbol".split(" "),function(e,t){n["[object "+t+"]"]=t.toLowerCase()});var d=function(n){var e,d,b,o,i,h,f,g,w,u,l,T,C,a,E,v,s,c,y,S="sizzle"+1*new Date,p=n.document,k=0,r=0,m=ue(),x=ue(),A=ue(),N=ue(),j=function(e,t){return e===t&&(l=!0),0},D={}.hasOwnProperty,t=[],q=t.pop,L=t.push,H=t.push,O=t.slice,P=function(e,t){for(var n=0,r=e.length;n<r;n++)if(e[n]===t)return n;return-1},R="checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",M="[\\x20\\t\\r\\n\\f]",I="(?:\\\\[\\da-fA-F]{1,6}"+M+"?|\\\\[^\\r\\n\\f]|[\\w-]|[^\0-\\x7f])+",W="\\["+M+"*("+I+")(?:"+M+"*([*^$|!~]?=)"+M+"*(?:'((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\"|("+I+"))|)"+M+"*\\]",F=":("+I+")(?:\\((('((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\")|((?:\\\\.|[^\\\\()[\\]]|"+W+")*)|.*)\\)|)",B=new RegExp(M+"+","g"),$=new RegExp("^"+M+"+|((?:^|[^\\\\])(?:\\\\.)*)"+M+"+$","g"),_=new RegExp("^"+M+"*,"+M+"*"),z=new RegExp("^"+M+"*([>+~]|"+M+")"+M+"*"),U=new RegExp(M+"|>"),X=new RegExp(F),V=new RegExp("^"+I+"$"),G={ID:new RegExp("^#("+I+")"),CLASS:new RegExp("^\\.("+I+")"),TAG:new RegExp("^("+I+"|[*])"),ATTR:new RegExp("^"+W),PSEUDO:new RegExp("^"+F),CHILD:new RegExp("^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\("+M+"*(even|odd|(([+-]|)(\\d*)n|)"+M+"*(?:([+-]|)"+M+"*(\\d+)|))"+M+"*\\)|)","i"),bool:new RegExp("^(?:"+R+")$","i"),needsContext:new RegExp("^"+M+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\("+M+"*((?:-\\d)?\\d*)"+M+"*\\)|)(?=[^-]|$)","i")},Y=/HTML$/i,Q=/^(?:input|select|textarea|button)$/i,J=/^h\d$/i,K=/^[^{]+\{\s*\[native \w/,Z=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,ee=/[+~]/,te=new RegExp("\\\\[\\da-fA-F]{1,6}"+M+"?|\\\\([^\\r\\n\\f])","g"),ne=function(e,t){var n="0x"+e.slice(1)-65536;return t||(n<0?String.fromCharCode(n+65536):String.fromCharCode(n>>10|55296,1023&n|56320))},re=/([\0-\x1f\x7f]|^-?\d)|^-$|[^\0-\x1f\x7f-\uFFFF\w-]/g,ie=function(e,t){return t?"\0"===e?"\ufffd":e.slice(0,-1)+"\\"+e.charCodeAt(e.length-1).toString(16)+" ":"\\"+e},oe=function(){T()},ae=be(function(e){return!0===e.disabled&&"fieldset"===e.nodeName.toLowerCase()},{dir:"parentNode",next:"legend"});try{H.apply(t=O.call(p.childNodes),p.childNodes),t[p.childNodes.length].nodeType}catch(e){H={apply:t.length?function(e,t){L.apply(e,O.call(t))}:function(e,t){var n=e.length,r=0;while(e[n++]=t[r++]);e.length=n-1}}}function se(t,e,n,r){var i,o,a,s,u,l,c,f=e&&e.ownerDocument,p=e?e.nodeType:9;if(n=n||[],"string"!=typeof t||!t||1!==p&&9!==p&&11!==p)return n;if(!r&&(T(e),e=e||C,E)){if(11!==p&&(u=Z.exec(t)))if(i=u[1]){if(9===p){if(!(a=e.getElementById(i)))return n;if(a.id===i)return n.push(a),n}else if(f&&(a=f.getElementById(i))&&y(e,a)&&a.id===i)return n.push(a),n}else{if(u[2])return H.apply(n,e.getElementsByTagName(t)),n;if((i=u[3])&&d.getElementsByClassName&&e.getElementsByClassName)return H.apply(n,e.getElementsByClassName(i)),n}if(d.qsa&&!N[t+" "]&&(!v||!v.test(t))&&(1!==p||"object"!==e.nodeName.toLowerCase())){if(c=t,f=e,1===p&&(U.test(t)||z.test(t))){(f=ee.test(t)&&ye(e.parentNode)||e)===e&&d.scope||((s=e.getAttribute("id"))?s=s.replace(re,ie):e.setAttribute("id",s=S)),o=(l=h(t)).length;while(o--)l[o]=(s?"#"+s:":scope")+" "+xe(l[o]);c=l.join(",")}try{return H.apply(n,f.querySelectorAll(c)),n}catch(e){N(t,!0)}finally{s===S&&e.removeAttribute("id")}}}return g(t.replace($,"$1"),e,n,r)}function ue(){var r=[];return function e(t,n){return r.push(t+" ")>b.cacheLength&&delete e[r.shift()],e[t+" "]=n}}function le(e){return e[S]=!0,e}function ce(e){var t=C.createElement("fieldset");try{return!!e(t)}catch(e){return!1}finally{t.parentNode&&t.parentNode.removeChild(t),t=null}}function fe(e,t){var n=e.split("|"),r=n.length;while(r--)b.attrHandle[n[r]]=t}function pe(e,t){var n=t&&e,r=n&&1===e.nodeType&&1===t.nodeType&&e.sourceIndex-t.sourceIndex;if(r)return r;if(n)while(n=n.nextSibling)if(n===t)return-1;return e?1:-1}function de(t){return function(e){return"input"===e.nodeName.toLowerCase()&&e.type===t}}function he(n){return function(e){var t=e.nodeName.toLowerCase();return("input"===t||"button"===t)&&e.type===n}}function ge(t){return function(e){return"form"in e?e.parentNode&&!1===e.disabled?"label"in e?"label"in e.parentNode?e.parentNode.disabled===t:e.disabled===t:e.isDisabled===t||e.isDisabled!==!t&&ae(e)===t:e.disabled===t:"label"in e&&e.disabled===t}}function ve(a){return le(function(o){return o=+o,le(function(e,t){var n,r=a([],e.length,o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function ye(e){return e&&"undefined"!=typeof e.getElementsByTagName&&e}for(e in d=se.support={},i=se.isXML=function(e){var t=e&&e.namespaceURI,n=e&&(e.ownerDocument||e).documentElement;return!Y.test(t||n&&n.nodeName||"HTML")},T=se.setDocument=function(e){var t,n,r=e?e.ownerDocument||e:p;return r!=C&&9===r.nodeType&&r.documentElement&&(a=(C=r).documentElement,E=!i(C),p!=C&&(n=C.defaultView)&&n.top!==n&&(n.addEventListener?n.addEventListener("unload",oe,!1):n.attachEvent&&n.attachEvent("onunload",oe)),d.scope=ce(function(e){return a.appendChild(e).appendChild(C.createElement("div")),"undefined"!=typeof e.querySelectorAll&&!e.querySelectorAll(":scope fieldset div").length}),d.attributes=ce(function(e){return e.className="i",!e.getAttribute("className")}),d.getElementsByTagName=ce(function(e){return e.appendChild(C.createComment("")),!e.getElementsByTagName("*").length}),d.getElementsByClassName=K.test(C.getElementsByClassName),d.getById=ce(function(e){return a.appendChild(e).id=S,!C.getElementsByName||!C.getElementsByName(S).length}),d.getById?(b.filter.ID=function(e){var t=e.replace(te,ne);return function(e){return e.getAttribute("id")===t}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n=t.getElementById(e);return n?[n]:[]}}):(b.filter.ID=function(e){var n=e.replace(te,ne);return function(e){var t="undefined"!=typeof e.getAttributeNode&&e.getAttributeNode("id");return t&&t.value===n}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n,r,i,o=t.getElementById(e);if(o){if((n=o.getAttributeNode("id"))&&n.value===e)return[o];i=t.getElementsByName(e),r=0;while(o=i[r++])if((n=o.getAttributeNode("id"))&&n.value===e)return[o]}return[]}}),b.find.TAG=d.getElementsByTagName?function(e,t){return"undefined"!=typeof t.getElementsByTagName?t.getElementsByTagName(e):d.qsa?t.querySelectorAll(e):void 0}:function(e,t){var n,r=[],i=0,o=t.getElementsByTagName(e);if("*"===e){while(n=o[i++])1===n.nodeType&&r.push(n);return r}return o},b.find.CLASS=d.getElementsByClassName&&function(e,t){if("undefined"!=typeof t.getElementsByClassName&&E)return t.getElementsByClassName(e)},s=[],v=[],(d.qsa=K.test(C.querySelectorAll))&&(ce(function(e){var t;a.appendChild(e).innerHTML="<a id='"+S+"'></a><select id='"+S+"-\r\\' msallowcapture=''><option selected=''></option></select>",e.querySelectorAll("[msallowcapture^='']").length&&v.push("[*^$]="+M+"*(?:''|\"\")"),e.querySelectorAll("[selected]").length||v.push("\\["+M+"*(?:value|"+R+")"),e.querySelectorAll("[id~="+S+"-]").length||v.push("~="),(t=C.createElement("input")).setAttribute("name",""),e.appendChild(t),e.querySelectorAll("[name='']").length||v.push("\\["+M+"*name"+M+"*="+M+"*(?:''|\"\")"),e.querySelectorAll(":checked").length||v.push(":checked"),e.querySelectorAll("a#"+S+"+*").length||v.push(".#.+[+~]"),e.querySelectorAll("\\\f"),v.push("[\\r\\n\\f]")}),ce(function(e){e.innerHTML="<a href='' disabled='disabled'></a><select disabled='disabled'><option/></select>";var t=C.createElement("input");t.setAttribute("type","hidden"),e.appendChild(t).setAttribute("name","D"),e.querySelectorAll("[name=d]").length&&v.push("name"+M+"*[*^$|!~]?="),2!==e.querySelectorAll(":enabled").length&&v.push(":enabled",":disabled"),a.appendChild(e).disabled=!0,2!==e.querySelectorAll(":disabled").length&&v.push(":enabled",":disabled"),e.querySelectorAll("*,:x"),v.push(",.*:")})),(d.matchesSelector=K.test(c=a.matches||a.webkitMatchesSelector||a.mozMatchesSelector||a.oMatchesSelector||a.msMatchesSelector))&&ce(function(e){d.disconnectedMatch=c.call(e,"*"),c.call(e,"[s!='']:x"),s.push("!=",F)}),v=v.length&&new RegExp(v.join("|")),s=s.length&&new RegExp(s.join("|")),t=K.test(a.compareDocumentPosition),y=t||K.test(a.contains)?function(e,t){var n=9===e.nodeType?e.documentElement:e,r=t&&t.parentNode;return e===r||!(!r||1!==r.nodeType||!(n.contains?n.contains(r):e.compareDocumentPosition&&16&e.compareDocumentPosition(r)))}:function(e,t){if(t)while(t=t.parentNode)if(t===e)return!0;return!1},j=t?function(e,t){if(e===t)return l=!0,0;var n=!e.compareDocumentPosition-!t.compareDocumentPosition;return n||(1&(n=(e.ownerDocument||e)==(t.ownerDocument||t)?e.compareDocumentPosition(t):1)||!d.sortDetached&&t.compareDocumentPosition(e)===n?e==C||e.ownerDocument==p&&y(p,e)?-1:t==C||t.ownerDocument==p&&y(p,t)?1:u?P(u,e)-P(u,t):0:4&n?-1:1)}:function(e,t){if(e===t)return l=!0,0;var n,r=0,i=e.parentNode,o=t.parentNode,a=[e],s=[t];if(!i||!o)return e==C?-1:t==C?1:i?-1:o?1:u?P(u,e)-P(u,t):0;if(i===o)return pe(e,t);n=e;while(n=n.parentNode)a.unshift(n);n=t;while(n=n.parentNode)s.unshift(n);while(a[r]===s[r])r++;return r?pe(a[r],s[r]):a[r]==p?-1:s[r]==p?1:0}),C},se.matches=function(e,t){return se(e,null,null,t)},se.matchesSelector=function(e,t){if(T(e),d.matchesSelector&&E&&!N[t+" "]&&(!s||!s.test(t))&&(!v||!v.test(t)))try{var n=c.call(e,t);if(n||d.disconnectedMatch||e.document&&11!==e.document.nodeType)return n}catch(e){N(t,!0)}return 0<se(t,C,null,[e]).length},se.contains=function(e,t){return(e.ownerDocument||e)!=C&&T(e),y(e,t)},se.attr=function(e,t){(e.ownerDocument||e)!=C&&T(e);var n=b.attrHandle[t.toLowerCase()],r=n&&D.call(b.attrHandle,t.toLowerCase())?n(e,t,!E):void 0;return void 0!==r?r:d.attributes||!E?e.getAttribute(t):(r=e.getAttributeNode(t))&&r.specified?r.value:null},se.escape=function(e){return(e+"").replace(re,ie)},se.error=function(e){throw new Error("Syntax error, unrecognized expression: "+e)},se.uniqueSort=function(e){var t,n=[],r=0,i=0;if(l=!d.detectDuplicates,u=!d.sortStable&&e.slice(0),e.sort(j),l){while(t=e[i++])t===e[i]&&(r=n.push(i));while(r--)e.splice(n[r],1)}return u=null,e},o=se.getText=function(e){var t,n="",r=0,i=e.nodeType;if(i){if(1===i||9===i||11===i){if("string"==typeof e.textContent)return e.textContent;for(e=e.firstChild;e;e=e.nextSibling)n+=o(e)}else if(3===i||4===i)return e.nodeValue}else while(t=e[r++])n+=o(t);return n},(b=se.selectors={cacheLength:50,createPseudo:le,match:G,attrHandle:{},find:{},relative:{">":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(e){return e[1]=e[1].replace(te,ne),e[3]=(e[3]||e[4]||e[5]||"").replace(te,ne),"~="===e[2]&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),"nth"===e[1].slice(0,3)?(e[3]||se.error(e[0]),e[4]=+(e[4]?e[5]+(e[6]||1):2*("even"===e[3]||"odd"===e[3])),e[5]=+(e[7]+e[8]||"odd"===e[3])):e[3]&&se.error(e[0]),e},PSEUDO:function(e){var t,n=!e[6]&&e[2];return G.CHILD.test(e[0])?null:(e[3]?e[2]=e[4]||e[5]||"":n&&X.test(n)&&(t=h(n,!0))&&(t=n.indexOf(")",n.length-t)-n.length)&&(e[0]=e[0].slice(0,t),e[2]=n.slice(0,t)),e.slice(0,3))}},filter:{TAG:function(e){var t=e.replace(te,ne).toLowerCase();return"*"===e?function(){return!0}:function(e){return e.nodeName&&e.nodeName.toLowerCase()===t}},CLASS:function(e){var t=m[e+" "];return t||(t=new RegExp("(^|"+M+")"+e+"("+M+"|$)"))&&m(e,function(e){return t.test("string"==typeof e.className&&e.className||"undefined"!=typeof e.getAttribute&&e.getAttribute("class")||"")})},ATTR:function(n,r,i){return function(e){var t=se.attr(e,n);return null==t?"!="===r:!r||(t+="","="===r?t===i:"!="===r?t!==i:"^="===r?i&&0===t.indexOf(i):"*="===r?i&&-1<t.indexOf(i):"$="===r?i&&t.slice(-i.length)===i:"~="===r?-1<(" "+t.replace(B," ")+" ").indexOf(i):"|="===r&&(t===i||t.slice(0,i.length+1)===i+"-"))}},CHILD:function(h,e,t,g,v){var y="nth"!==h.slice(0,3),m="last"!==h.slice(-4),x="of-type"===e;return 1===g&&0===v?function(e){return!!e.parentNode}:function(e,t,n){var r,i,o,a,s,u,l=y!==m?"nextSibling":"previousSibling",c=e.parentNode,f=x&&e.nodeName.toLowerCase(),p=!n&&!x,d=!1;if(c){if(y){while(l){a=e;while(a=a[l])if(x?a.nodeName.toLowerCase()===f:1===a.nodeType)return!1;u=l="only"===h&&!u&&"nextSibling"}return!0}if(u=[m?c.firstChild:c.lastChild],m&&p){d=(s=(r=(i=(o=(a=c)[S]||(a[S]={}))[a.uniqueID]||(o[a.uniqueID]={}))[h]||[])[0]===k&&r[1])&&r[2],a=s&&c.childNodes[s];while(a=++s&&a&&a[l]||(d=s=0)||u.pop())if(1===a.nodeType&&++d&&a===e){i[h]=[k,s,d];break}}else if(p&&(d=s=(r=(i=(o=(a=e)[S]||(a[S]={}))[a.uniqueID]||(o[a.uniqueID]={}))[h]||[])[0]===k&&r[1]),!1===d)while(a=++s&&a&&a[l]||(d=s=0)||u.pop())if((x?a.nodeName.toLowerCase()===f:1===a.nodeType)&&++d&&(p&&((i=(o=a[S]||(a[S]={}))[a.uniqueID]||(o[a.uniqueID]={}))[h]=[k,d]),a===e))break;return(d-=v)===g||d%g==0&&0<=d/g}}},PSEUDO:function(e,o){var t,a=b.pseudos[e]||b.setFilters[e.toLowerCase()]||se.error("unsupported pseudo: "+e);return a[S]?a(o):1<a.length?(t=[e,e,"",o],b.setFilters.hasOwnProperty(e.toLowerCase())?le(function(e,t){var n,r=a(e,o),i=r.length;while(i--)e[n=P(e,r[i])]=!(t[n]=r[i])}):function(e){return a(e,0,t)}):a}},pseudos:{not:le(function(e){var r=[],i=[],s=f(e.replace($,"$1"));return s[S]?le(function(e,t,n,r){var i,o=s(e,null,r,[]),a=e.length;while(a--)(i=o[a])&&(e[a]=!(t[a]=i))}):function(e,t,n){return r[0]=e,s(r,null,n,i),r[0]=null,!i.pop()}}),has:le(function(t){return function(e){return 0<se(t,e).length}}),contains:le(function(t){return t=t.replace(te,ne),function(e){return-1<(e.textContent||o(e)).indexOf(t)}}),lang:le(function(n){return V.test(n||"")||se.error("unsupported lang: "+n),n=n.replace(te,ne).toLowerCase(),function(e){var t;do{if(t=E?e.lang:e.getAttribute("xml:lang")||e.getAttribute("lang"))return(t=t.toLowerCase())===n||0===t.indexOf(n+"-")}while((e=e.parentNode)&&1===e.nodeType);return!1}}),target:function(e){var t=n.location&&n.location.hash;return t&&t.slice(1)===e.id},root:function(e){return e===a},focus:function(e){return e===C.activeElement&&(!C.hasFocus||C.hasFocus())&&!!(e.type||e.href||~e.tabIndex)},enabled:ge(!1),disabled:ge(!0),checked:function(e){var t=e.nodeName.toLowerCase();return"input"===t&&!!e.checked||"option"===t&&!!e.selected},selected:function(e){return e.parentNode&&e.parentNode.selectedIndex,!0===e.selected},empty:function(e){for(e=e.firstChild;e;e=e.nextSibling)if(e.nodeType<6)return!1;return!0},parent:function(e){return!b.pseudos.empty(e)},header:function(e){return J.test(e.nodeName)},input:function(e){return Q.test(e.nodeName)},button:function(e){var t=e.nodeName.toLowerCase();return"input"===t&&"button"===e.type||"button"===t},text:function(e){var t;return"input"===e.nodeName.toLowerCase()&&"text"===e.type&&(null==(t=e.getAttribute("type"))||"text"===t.toLowerCase())},first:ve(function(){return[0]}),last:ve(function(e,t){return[t-1]}),eq:ve(function(e,t,n){return[n<0?n+t:n]}),even:ve(function(e,t){for(var n=0;n<t;n+=2)e.push(n);return e}),odd:ve(function(e,t){for(var n=1;n<t;n+=2)e.push(n);return e}),lt:ve(function(e,t,n){for(var r=n<0?n+t:t<n?t:n;0<=--r;)e.push(r);return e}),gt:ve(function(e,t,n){for(var r=n<0?n+t:n;++r<t;)e.push(r);return e})}}).pseudos.nth=b.pseudos.eq,{radio:!0,checkbox:!0,file:!0,password:!0,image:!0})b.pseudos[e]=de(e);for(e in{submit:!0,reset:!0})b.pseudos[e]=he(e);function me(){}function xe(e){for(var t=0,n=e.length,r="";t<n;t++)r+=e[t].value;return r}function be(s,e,t){var u=e.dir,l=e.next,c=l||u,f=t&&"parentNode"===c,p=r++;return e.first?function(e,t,n){while(e=e[u])if(1===e.nodeType||f)return s(e,t,n);return!1}:function(e,t,n){var r,i,o,a=[k,p];if(n){while(e=e[u])if((1===e.nodeType||f)&&s(e,t,n))return!0}else while(e=e[u])if(1===e.nodeType||f)if(i=(o=e[S]||(e[S]={}))[e.uniqueID]||(o[e.uniqueID]={}),l&&l===e.nodeName.toLowerCase())e=e[u]||e;else{if((r=i[c])&&r[0]===k&&r[1]===p)return a[2]=r[2];if((i[c]=a)[2]=s(e,t,n))return!0}return!1}}function we(i){return 1<i.length?function(e,t,n){var r=i.length;while(r--)if(!i[r](e,t,n))return!1;return!0}:i[0]}function Te(e,t,n,r,i){for(var o,a=[],s=0,u=e.length,l=null!=t;s<u;s++)(o=e[s])&&(n&&!n(o,r,i)||(a.push(o),l&&t.push(s)));return a}function Ce(d,h,g,v,y,e){return v&&!v[S]&&(v=Ce(v)),y&&!y[S]&&(y=Ce(y,e)),le(function(e,t,n,r){var i,o,a,s=[],u=[],l=t.length,c=e||function(e,t,n){for(var r=0,i=t.length;r<i;r++)se(e,t[r],n);return n}(h||"*",n.nodeType?[n]:n,[]),f=!d||!e&&h?c:Te(c,s,d,n,r),p=g?y||(e?d:l||v)?[]:t:f;if(g&&g(f,p,n,r),v){i=Te(p,u),v(i,[],n,r),o=i.length;while(o--)(a=i[o])&&(p[u[o]]=!(f[u[o]]=a))}if(e){if(y||d){if(y){i=[],o=p.length;while(o--)(a=p[o])&&i.push(f[o]=a);y(null,p=[],i,r)}o=p.length;while(o--)(a=p[o])&&-1<(i=y?P(e,a):s[o])&&(e[i]=!(t[i]=a))}}else p=Te(p===t?p.splice(l,p.length):p),y?y(null,t,p,r):H.apply(t,p)})}function Ee(e){for(var i,t,n,r=e.length,o=b.relative[e[0].type],a=o||b.relative[" "],s=o?1:0,u=be(function(e){return e===i},a,!0),l=be(function(e){return-1<P(i,e)},a,!0),c=[function(e,t,n){var r=!o&&(n||t!==w)||((i=t).nodeType?u(e,t,n):l(e,t,n));return i=null,r}];s<r;s++)if(t=b.relative[e[s].type])c=[be(we(c),t)];else{if((t=b.filter[e[s].type].apply(null,e[s].matches))[S]){for(n=++s;n<r;n++)if(b.relative[e[n].type])break;return Ce(1<s&&we(c),1<s&&xe(e.slice(0,s-1).concat({value:" "===e[s-2].type?"*":""})).replace($,"$1"),t,s<n&&Ee(e.slice(s,n)),n<r&&Ee(e=e.slice(n)),n<r&&xe(e))}c.push(t)}return we(c)}return me.prototype=b.filters=b.pseudos,b.setFilters=new me,h=se.tokenize=function(e,t){var n,r,i,o,a,s,u,l=x[e+" "];if(l)return t?0:l.slice(0);a=e,s=[],u=b.preFilter;while(a){for(o in n&&!(r=_.exec(a))||(r&&(a=a.slice(r[0].length)||a),s.push(i=[])),n=!1,(r=z.exec(a))&&(n=r.shift(),i.push({value:n,type:r[0].replace($," ")}),a=a.slice(n.length)),b.filter)!(r=G[o].exec(a))||u[o]&&!(r=u[o](r))||(n=r.shift(),i.push({value:n,type:o,matches:r}),a=a.slice(n.length));if(!n)break}return t?a.length:a?se.error(e):x(e,s).slice(0)},f=se.compile=function(e,t){var n,v,y,m,x,r,i=[],o=[],a=A[e+" "];if(!a){t||(t=h(e)),n=t.length;while(n--)(a=Ee(t[n]))[S]?i.push(a):o.push(a);(a=A(e,(v=o,m=0<(y=i).length,x=0<v.length,r=function(e,t,n,r,i){var o,a,s,u=0,l="0",c=e&&[],f=[],p=w,d=e||x&&b.find.TAG("*",i),h=k+=null==p?1:Math.random()||.1,g=d.length;for(i&&(w=t==C||t||i);l!==g&&null!=(o=d[l]);l++){if(x&&o){a=0,t||o.ownerDocument==C||(T(o),n=!E);while(s=v[a++])if(s(o,t||C,n)){r.push(o);break}i&&(k=h)}m&&((o=!s&&o)&&u--,e&&c.push(o))}if(u+=l,m&&l!==u){a=0;while(s=y[a++])s(c,f,t,n);if(e){if(0<u)while(l--)c[l]||f[l]||(f[l]=q.call(r));f=Te(f)}H.apply(r,f),i&&!e&&0<f.length&&1<u+y.length&&se.uniqueSort(r)}return i&&(k=h,w=p),c},m?le(r):r))).selector=e}return a},g=se.select=function(e,t,n,r){var i,o,a,s,u,l="function"==typeof e&&e,c=!r&&h(e=l.selector||e);if(n=n||[],1===c.length){if(2<(o=c[0]=c[0].slice(0)).length&&"ID"===(a=o[0]).type&&9===t.nodeType&&E&&b.relative[o[1].type]){if(!(t=(b.find.ID(a.matches[0].replace(te,ne),t)||[])[0]))return n;l&&(t=t.parentNode),e=e.slice(o.shift().value.length)}i=G.needsContext.test(e)?0:o.length;while(i--){if(a=o[i],b.relative[s=a.type])break;if((u=b.find[s])&&(r=u(a.matches[0].replace(te,ne),ee.test(o[0].type)&&ye(t.parentNode)||t))){if(o.splice(i,1),!(e=r.length&&xe(o)))return H.apply(n,r),n;break}}}return(l||f(e,c))(r,t,!E,n,!t||ee.test(e)&&ye(t.parentNode)||t),n},d.sortStable=S.split("").sort(j).join("")===S,d.detectDuplicates=!!l,T(),d.sortDetached=ce(function(e){return 1&e.compareDocumentPosition(C.createElement("fieldset"))}),ce(function(e){return e.innerHTML="<a href='#'></a>","#"===e.firstChild.getAttribute("href")})||fe("type|href|height|width",function(e,t,n){if(!n)return e.getAttribute(t,"type"===t.toLowerCase()?1:2)}),d.attributes&&ce(function(e){return e.innerHTML="<input/>",e.firstChild.setAttribute("value",""),""===e.firstChild.getAttribute("value")})||fe("value",function(e,t,n){if(!n&&"input"===e.nodeName.toLowerCase())return e.defaultValue}),ce(function(e){return null==e.getAttribute("disabled")})||fe(R,function(e,t,n){var r;if(!n)return!0===e[t]?t.toLowerCase():(r=e.getAttributeNode(t))&&r.specified?r.value:null}),se}(C);S.find=d,S.expr=d.selectors,S.expr[":"]=S.expr.pseudos,S.uniqueSort=S.unique=d.uniqueSort,S.text=d.getText,S.isXMLDoc=d.isXML,S.contains=d.contains,S.escapeSelector=d.escape;var h=function(e,t,n){var r=[],i=void 0!==n;while((e=e[t])&&9!==e.nodeType)if(1===e.nodeType){if(i&&S(e).is(n))break;r.push(e)}return r},T=function(e,t){for(var n=[];e;e=e.nextSibling)1===e.nodeType&&e!==t&&n.push(e);return n},k=S.expr.match.needsContext;function A(e,t){return e.nodeName&&e.nodeName.toLowerCase()===t.toLowerCase()}var N=/^<([a-z][^\/\0>:\x20\t\r\n\f]*)[\x20\t\r\n\f]*\/?>(?:<\/\1>|)$/i;function j(e,n,r){return m(n)?S.grep(e,function(e,t){return!!n.call(e,t,e)!==r}):n.nodeType?S.grep(e,function(e){return e===n!==r}):"string"!=typeof n?S.grep(e,function(e){return-1<i.call(n,e)!==r}):S.filter(n,e,r)}S.filter=function(e,t,n){var r=t[0];return n&&(e=":not("+e+")"),1===t.length&&1===r.nodeType?S.find.matchesSelector(r,e)?[r]:[]:S.find.matches(e,S.grep(t,function(e){return 1===e.nodeType}))},S.fn.extend({find:function(e){var t,n,r=this.length,i=this;if("string"!=typeof e)return this.pushStack(S(e).filter(function(){for(t=0;t<r;t++)if(S.contains(i[t],this))return!0}));for(n=this.pushStack([]),t=0;t<r;t++)S.find(e,i[t],n);return 1<r?S.uniqueSort(n):n},filter:function(e){return this.pushStack(j(this,e||[],!1))},not:function(e){return this.pushStack(j(this,e||[],!0))},is:function(e){return!!j(this,"string"==typeof e&&k.test(e)?S(e):e||[],!1).length}});var D,q=/^(?:\s*(<[\w\W]+>)[^>]*|#([\w-]+))$/;(S.fn.init=function(e,t,n){var r,i;if(!e)return this;if(n=n||D,"string"==typeof e){if(!(r="<"===e[0]&&">"===e[e.length-1]&&3<=e.length?[null,e,null]:q.exec(e))||!r[1]&&t)return!t||t.jquery?(t||n).find(e):this.constructor(t).find(e);if(r[1]){if(t=t instanceof S?t[0]:t,S.merge(this,S.parseHTML(r[1],t&&t.nodeType?t.ownerDocument||t:E,!0)),N.test(r[1])&&S.isPlainObject(t))for(r in t)m(this[r])?this[r](t[r]):this.attr(r,t[r]);return this}return(i=E.getElementById(r[2]))&&(this[0]=i,this.length=1),this}return e.nodeType?(this[0]=e,this.length=1,this):m(e)?void 0!==n.ready?n.ready(e):e(S):S.makeArray(e,this)}).prototype=S.fn,D=S(E);var L=/^(?:parents|prev(?:Until|All))/,H={children:!0,contents:!0,next:!0,prev:!0};function O(e,t){while((e=e[t])&&1!==e.nodeType);return e}S.fn.extend({has:function(e){var t=S(e,this),n=t.length;return this.filter(function(){for(var e=0;e<n;e++)if(S.contains(this,t[e]))return!0})},closest:function(e,t){var n,r=0,i=this.length,o=[],a="string"!=typeof e&&S(e);if(!k.test(e))for(;r<i;r++)for(n=this[r];n&&n!==t;n=n.parentNode)if(n.nodeType<11&&(a?-1<a.index(n):1===n.nodeType&&S.find.matchesSelector(n,e))){o.push(n);break}return this.pushStack(1<o.length?S.uniqueSort(o):o)},index:function(e){return e?"string"==typeof e?i.call(S(e),this[0]):i.call(this,e.jquery?e[0]:e):this[0]&&this[0].parentNode?this.first().prevAll().length:-1},add:function(e,t){return this.pushStack(S.uniqueSort(S.merge(this.get(),S(e,t))))},addBack:function(e){return this.add(null==e?this.prevObject:this.prevObject.filter(e))}}),S.each({parent:function(e){var t=e.parentNode;return t&&11!==t.nodeType?t:null},parents:function(e){return h(e,"parentNode")},parentsUntil:function(e,t,n){return h(e,"parentNode",n)},next:function(e){return O(e,"nextSibling")},prev:function(e){return O(e,"previousSibling")},nextAll:function(e){return h(e,"nextSibling")},prevAll:function(e){return h(e,"previousSibling")},nextUntil:function(e,t,n){return h(e,"nextSibling",n)},prevUntil:function(e,t,n){return h(e,"previousSibling",n)},siblings:function(e){return T((e.parentNode||{}).firstChild,e)},children:function(e){return T(e.firstChild)},contents:function(e){return null!=e.contentDocument&&r(e.contentDocument)?e.contentDocument:(A(e,"template")&&(e=e.content||e),S.merge([],e.childNodes))}},function(r,i){S.fn[r]=function(e,t){var n=S.map(this,i,e);return"Until"!==r.slice(-5)&&(t=e),t&&"string"==typeof t&&(n=S.filter(t,n)),1<this.length&&(H[r]||S.uniqueSort(n),L.test(r)&&n.reverse()),this.pushStack(n)}});var P=/[^\x20\t\r\n\f]+/g;function R(e){return e}function M(e){throw e}function I(e,t,n,r){var i;try{e&&m(i=e.promise)?i.call(e).done(t).fail(n):e&&m(i=e.then)?i.call(e,t,n):t.apply(void 0,[e].slice(r))}catch(e){n.apply(void 0,[e])}}S.Callbacks=function(r){var e,n;r="string"==typeof r?(e=r,n={},S.each(e.match(P)||[],function(e,t){n[t]=!0}),n):S.extend({},r);var i,t,o,a,s=[],u=[],l=-1,c=function(){for(a=a||r.once,o=i=!0;u.length;l=-1){t=u.shift();while(++l<s.length)!1===s[l].apply(t[0],t[1])&&r.stopOnFalse&&(l=s.length,t=!1)}r.memory||(t=!1),i=!1,a&&(s=t?[]:"")},f={add:function(){return s&&(t&&!i&&(l=s.length-1,u.push(t)),function n(e){S.each(e,function(e,t){m(t)?r.unique&&f.has(t)||s.push(t):t&&t.length&&"string"!==w(t)&&n(t)})}(arguments),t&&!i&&c()),this},remove:function(){return S.each(arguments,function(e,t){var n;while(-1<(n=S.inArray(t,s,n)))s.splice(n,1),n<=l&&l--}),this},has:function(e){return e?-1<S.inArray(e,s):0<s.length},empty:function(){return s&&(s=[]),this},disable:function(){return a=u=[],s=t="",this},disabled:function(){return!s},lock:function(){return a=u=[],t||i||(s=t=""),this},locked:function(){return!!a},fireWith:function(e,t){return a||(t=[e,(t=t||[]).slice?t.slice():t],u.push(t),i||c()),this},fire:function(){return f.fireWith(this,arguments),this},fired:function(){return!!o}};return f},S.extend({Deferred:function(e){var o=[["notify","progress",S.Callbacks("memory"),S.Callbacks("memory"),2],["resolve","done",S.Callbacks("once memory"),S.Callbacks("once memory"),0,"resolved"],["reject","fail",S.Callbacks("once memory"),S.Callbacks("once memory"),1,"rejected"]],i="pending",a={state:function(){return i},always:function(){return s.done(arguments).fail(arguments),this},"catch":function(e){return a.then(null,e)},pipe:function(){var i=arguments;return S.Deferred(function(r){S.each(o,function(e,t){var n=m(i[t[4]])&&i[t[4]];s[t[1]](function(){var e=n&&n.apply(this,arguments);e&&m(e.promise)?e.promise().progress(r.notify).done(r.resolve).fail(r.reject):r[t[0]+"With"](this,n?[e]:arguments)})}),i=null}).promise()},then:function(t,n,r){var u=0;function l(i,o,a,s){return function(){var n=this,r=arguments,e=function(){var e,t;if(!(i<u)){if((e=a.apply(n,r))===o.promise())throw new TypeError("Thenable self-resolution");t=e&&("object"==typeof e||"function"==typeof e)&&e.then,m(t)?s?t.call(e,l(u,o,R,s),l(u,o,M,s)):(u++,t.call(e,l(u,o,R,s),l(u,o,M,s),l(u,o,R,o.notifyWith))):(a!==R&&(n=void 0,r=[e]),(s||o.resolveWith)(n,r))}},t=s?e:function(){try{e()}catch(e){S.Deferred.exceptionHook&&S.Deferred.exceptionHook(e,t.stackTrace),u<=i+1&&(a!==M&&(n=void 0,r=[e]),o.rejectWith(n,r))}};i?t():(S.Deferred.getStackHook&&(t.stackTrace=S.Deferred.getStackHook()),C.setTimeout(t))}}return S.Deferred(function(e){o[0][3].add(l(0,e,m(r)?r:R,e.notifyWith)),o[1][3].add(l(0,e,m(t)?t:R)),o[2][3].add(l(0,e,m(n)?n:M))}).promise()},promise:function(e){return null!=e?S.extend(e,a):a}},s={};return S.each(o,function(e,t){var n=t[2],r=t[5];a[t[1]]=n.add,r&&n.add(function(){i=r},o[3-e][2].disable,o[3-e][3].disable,o[0][2].lock,o[0][3].lock),n.add(t[3].fire),s[t[0]]=function(){return s[t[0]+"With"](this===s?void 0:this,arguments),this},s[t[0]+"With"]=n.fireWith}),a.promise(s),e&&e.call(s,s),s},when:function(e){var n=arguments.length,t=n,r=Array(t),i=s.call(arguments),o=S.Deferred(),a=function(t){return function(e){r[t]=this,i[t]=1<arguments.length?s.call(arguments):e,--n||o.resolveWith(r,i)}};if(n<=1&&(I(e,o.done(a(t)).resolve,o.reject,!n),"pending"===o.state()||m(i[t]&&i[t].then)))return o.then();while(t--)I(i[t],a(t),o.reject);return o.promise()}});var W=/^(Eval|Internal|Range|Reference|Syntax|Type|URI)Error$/;S.Deferred.exceptionHook=function(e,t){C.console&&C.console.warn&&e&&W.test(e.name)&&C.console.warn("jQuery.Deferred exception: "+e.message,e.stack,t)},S.readyException=function(e){C.setTimeout(function(){throw e})};var F=S.Deferred();function B(){E.removeEventListener("DOMContentLoaded",B),C.removeEventListener("load",B),S.ready()}S.fn.ready=function(e){return F.then(e)["catch"](function(e){S.readyException(e)}),this},S.extend({isReady:!1,readyWait:1,ready:function(e){(!0===e?--S.readyWait:S.isReady)||(S.isReady=!0)!==e&&0<--S.readyWait||F.resolveWith(E,[S])}}),S.ready.then=F.then,"complete"===E.readyState||"loading"!==E.readyState&&!E.documentElement.doScroll?C.setTimeout(S.ready):(E.addEventListener("DOMContentLoaded",B),C.addEventListener("load",B));var $=function(e,t,n,r,i,o,a){var s=0,u=e.length,l=null==n;if("object"===w(n))for(s in i=!0,n)$(e,t,s,n[s],!0,o,a);else if(void 0!==r&&(i=!0,m(r)||(a=!0),l&&(a?(t.call(e,r),t=null):(l=t,t=function(e,t,n){return l.call(S(e),n)})),t))for(;s<u;s++)t(e[s],n,a?r:r.call(e[s],s,t(e[s],n)));return i?e:l?t.call(e):u?t(e[0],n):o},_=/^-ms-/,z=/-([a-z])/g;function U(e,t){return t.toUpperCase()}function X(e){return e.replace(_,"ms-").replace(z,U)}var V=function(e){return 1===e.nodeType||9===e.nodeType||!+e.nodeType};function G(){this.expando=S.expando+G.uid++}G.uid=1,G.prototype={cache:function(e){var t=e[this.expando];return t||(t={},V(e)&&(e.nodeType?e[this.expando]=t:Object.defineProperty(e,this.expando,{value:t,configurable:!0}))),t},set:function(e,t,n){var r,i=this.cache(e);if("string"==typeof t)i[X(t)]=n;else for(r in t)i[X(r)]=t[r];return i},get:function(e,t){return void 0===t?this.cache(e):e[this.expando]&&e[this.expando][X(t)]},access:function(e,t,n){return void 0===t||t&&"string"==typeof t&&void 0===n?this.get(e,t):(this.set(e,t,n),void 0!==n?n:t)},remove:function(e,t){var n,r=e[this.expando];if(void 0!==r){if(void 0!==t){n=(t=Array.isArray(t)?t.map(X):(t=X(t))in r?[t]:t.match(P)||[]).length;while(n--)delete r[t[n]]}(void 0===t||S.isEmptyObject(r))&&(e.nodeType?e[this.expando]=void 0:delete e[this.expando])}},hasData:function(e){var t=e[this.expando];return void 0!==t&&!S.isEmptyObject(t)}};var Y=new G,Q=new G,J=/^(?:\{[\w\W]*\}|\[[\w\W]*\])$/,K=/[A-Z]/g;function Z(e,t,n){var r,i;if(void 0===n&&1===e.nodeType)if(r="data-"+t.replace(K,"-$&").toLowerCase(),"string"==typeof(n=e.getAttribute(r))){try{n="true"===(i=n)||"false"!==i&&("null"===i?null:i===+i+""?+i:J.test(i)?JSON.parse(i):i)}catch(e){}Q.set(e,t,n)}else n=void 0;return n}S.extend({hasData:function(e){return Q.hasData(e)||Y.hasData(e)},data:function(e,t,n){return Q.access(e,t,n)},removeData:function(e,t){Q.remove(e,t)},_data:function(e,t,n){return Y.access(e,t,n)},_removeData:function(e,t){Y.remove(e,t)}}),S.fn.extend({data:function(n,e){var t,r,i,o=this[0],a=o&&o.attributes;if(void 0===n){if(this.length&&(i=Q.get(o),1===o.nodeType&&!Y.get(o,"hasDataAttrs"))){t=a.length;while(t--)a[t]&&0===(r=a[t].name).indexOf("data-")&&(r=X(r.slice(5)),Z(o,r,i[r]));Y.set(o,"hasDataAttrs",!0)}return i}return"object"==typeof n?this.each(function(){Q.set(this,n)}):$(this,function(e){var t;if(o&&void 0===e)return void 0!==(t=Q.get(o,n))?t:void 0!==(t=Z(o,n))?t:void 0;this.each(function(){Q.set(this,n,e)})},null,e,1<arguments.length,null,!0)},removeData:function(e){return this.each(function(){Q.remove(this,e)})}}),S.extend({queue:function(e,t,n){var r;if(e)return t=(t||"fx")+"queue",r=Y.get(e,t),n&&(!r||Array.isArray(n)?r=Y.access(e,t,S.makeArray(n)):r.push(n)),r||[]},dequeue:function(e,t){t=t||"fx";var n=S.queue(e,t),r=n.length,i=n.shift(),o=S._queueHooks(e,t);"inprogress"===i&&(i=n.shift(),r--),i&&("fx"===t&&n.unshift("inprogress"),delete o.stop,i.call(e,function(){S.dequeue(e,t)},o)),!r&&o&&o.empty.fire()},_queueHooks:function(e,t){var n=t+"queueHooks";return Y.get(e,n)||Y.access(e,n,{empty:S.Callbacks("once memory").add(function(){Y.remove(e,[t+"queue",n])})})}}),S.fn.extend({queue:function(t,n){var e=2;return"string"!=typeof t&&(n=t,t="fx",e--),arguments.length<e?S.queue(this[0],t):void 0===n?this:this.each(function(){var e=S.queue(this,t,n);S._queueHooks(this,t),"fx"===t&&"inprogress"!==e[0]&&S.dequeue(this,t)})},dequeue:function(e){return this.each(function(){S.dequeue(this,e)})},clearQueue:function(e){return this.queue(e||"fx",[])},promise:function(e,t){var n,r=1,i=S.Deferred(),o=this,a=this.length,s=function(){--r||i.resolveWith(o,[o])};"string"!=typeof e&&(t=e,e=void 0),e=e||"fx";while(a--)(n=Y.get(o[a],e+"queueHooks"))&&n.empty&&(r++,n.empty.add(s));return s(),i.promise(t)}});var ee=/[+-]?(?:\d*\.|)\d+(?:[eE][+-]?\d+|)/.source,te=new RegExp("^(?:([+-])=|)("+ee+")([a-z%]*)$","i"),ne=["Top","Right","Bottom","Left"],re=E.documentElement,ie=function(e){return S.contains(e.ownerDocument,e)},oe={composed:!0};re.getRootNode&&(ie=function(e){return S.contains(e.ownerDocument,e)||e.getRootNode(oe)===e.ownerDocument});var ae=function(e,t){return"none"===(e=t||e).style.display||""===e.style.display&&ie(e)&&"none"===S.css(e,"display")};function se(e,t,n,r){var i,o,a=20,s=r?function(){return r.cur()}:function(){return S.css(e,t,"")},u=s(),l=n&&n[3]||(S.cssNumber[t]?"":"px"),c=e.nodeType&&(S.cssNumber[t]||"px"!==l&&+u)&&te.exec(S.css(e,t));if(c&&c[3]!==l){u/=2,l=l||c[3],c=+u||1;while(a--)S.style(e,t,c+l),(1-o)*(1-(o=s()/u||.5))<=0&&(a=0),c/=o;c*=2,S.style(e,t,c+l),n=n||[]}return n&&(c=+c||+u||0,i=n[1]?c+(n[1]+1)*n[2]:+n[2],r&&(r.unit=l,r.start=c,r.end=i)),i}var ue={};function le(e,t){for(var n,r,i,o,a,s,u,l=[],c=0,f=e.length;c<f;c++)(r=e[c]).style&&(n=r.style.display,t?("none"===n&&(l[c]=Y.get(r,"display")||null,l[c]||(r.style.display="")),""===r.style.display&&ae(r)&&(l[c]=(u=a=o=void 0,a=(i=r).ownerDocument,s=i.nodeName,(u=ue[s])||(o=a.body.appendChild(a.createElement(s)),u=S.css(o,"display"),o.parentNode.removeChild(o),"none"===u&&(u="block"),ue[s]=u)))):"none"!==n&&(l[c]="none",Y.set(r,"display",n)));for(c=0;c<f;c++)null!=l[c]&&(e[c].style.display=l[c]);return e}S.fn.extend({show:function(){return le(this,!0)},hide:function(){return le(this)},toggle:function(e){return"boolean"==typeof e?e?this.show():this.hide():this.each(function(){ae(this)?S(this).show():S(this).hide()})}});var ce,fe,pe=/^(?:checkbox|radio)$/i,de=/<([a-z][^\/\0>\x20\t\r\n\f]*)/i,he=/^$|^module$|\/(?:java|ecma)script/i;ce=E.createDocumentFragment().appendChild(E.createElement("div")),(fe=E.createElement("input")).setAttribute("type","radio"),fe.setAttribute("checked","checked"),fe.setAttribute("name","t"),ce.appendChild(fe),y.checkClone=ce.cloneNode(!0).cloneNode(!0).lastChild.checked,ce.innerHTML="<textarea>x</textarea>",y.noCloneChecked=!!ce.cloneNode(!0).lastChild.defaultValue,ce.innerHTML="<option></option>",y.option=!!ce.lastChild;var ge={thead:[1,"<table>","</table>"],col:[2,"<table><colgroup>","</colgroup></table>"],tr:[2,"<table><tbody>","</tbody></table>"],td:[3,"<table><tbody><tr>","</tr></tbody></table>"],_default:[0,"",""]};function ve(e,t){var n;return n="undefined"!=typeof e.getElementsByTagName?e.getElementsByTagName(t||"*"):"undefined"!=typeof e.querySelectorAll?e.querySelectorAll(t||"*"):[],void 0===t||t&&A(e,t)?S.merge([e],n):n}function ye(e,t){for(var n=0,r=e.length;n<r;n++)Y.set(e[n],"globalEval",!t||Y.get(t[n],"globalEval"))}ge.tbody=ge.tfoot=ge.colgroup=ge.caption=ge.thead,ge.th=ge.td,y.option||(ge.optgroup=ge.option=[1,"<select multiple='multiple'>","</select>"]);var me=/<|&#?\w+;/;function xe(e,t,n,r,i){for(var o,a,s,u,l,c,f=t.createDocumentFragment(),p=[],d=0,h=e.length;d<h;d++)if((o=e[d])||0===o)if("object"===w(o))S.merge(p,o.nodeType?[o]:o);else if(me.test(o)){a=a||f.appendChild(t.createElement("div")),s=(de.exec(o)||["",""])[1].toLowerCase(),u=ge[s]||ge._default,a.innerHTML=u[1]+S.htmlPrefilter(o)+u[2],c=u[0];while(c--)a=a.lastChild;S.merge(p,a.childNodes),(a=f.firstChild).textContent=""}else p.push(t.createTextNode(o));f.textContent="",d=0;while(o=p[d++])if(r&&-1<S.inArray(o,r))i&&i.push(o);else if(l=ie(o),a=ve(f.appendChild(o),"script"),l&&ye(a),n){c=0;while(o=a[c++])he.test(o.type||"")&&n.push(o)}return f}var be=/^([^.]*)(?:\.(.+)|)/;function we(){return!0}function Te(){return!1}function Ce(e,t){return e===function(){try{return E.activeElement}catch(e){}}()==("focus"===t)}function Ee(e,t,n,r,i,o){var a,s;if("object"==typeof t){for(s in"string"!=typeof n&&(r=r||n,n=void 0),t)Ee(e,s,n,r,t[s],o);return e}if(null==r&&null==i?(i=n,r=n=void 0):null==i&&("string"==typeof n?(i=r,r=void 0):(i=r,r=n,n=void 0)),!1===i)i=Te;else if(!i)return e;return 1===o&&(a=i,(i=function(e){return S().off(e),a.apply(this,arguments)}).guid=a.guid||(a.guid=S.guid++)),e.each(function(){S.event.add(this,t,i,r,n)})}function Se(e,i,o){o?(Y.set(e,i,!1),S.event.add(e,i,{namespace:!1,handler:function(e){var t,n,r=Y.get(this,i);if(1&e.isTrigger&&this[i]){if(r.length)(S.event.special[i]||{}).delegateType&&e.stopPropagation();else if(r=s.call(arguments),Y.set(this,i,r),t=o(this,i),this[i](),r!==(n=Y.get(this,i))||t?Y.set(this,i,!1):n={},r!==n)return e.stopImmediatePropagation(),e.preventDefault(),n&&n.value}else r.length&&(Y.set(this,i,{value:S.event.trigger(S.extend(r[0],S.Event.prototype),r.slice(1),this)}),e.stopImmediatePropagation())}})):void 0===Y.get(e,i)&&S.event.add(e,i,we)}S.event={global:{},add:function(t,e,n,r,i){var o,a,s,u,l,c,f,p,d,h,g,v=Y.get(t);if(V(t)){n.handler&&(n=(o=n).handler,i=o.selector),i&&S.find.matchesSelector(re,i),n.guid||(n.guid=S.guid++),(u=v.events)||(u=v.events=Object.create(null)),(a=v.handle)||(a=v.handle=function(e){return"undefined"!=typeof S&&S.event.triggered!==e.type?S.event.dispatch.apply(t,arguments):void 0}),l=(e=(e||"").match(P)||[""]).length;while(l--)d=g=(s=be.exec(e[l])||[])[1],h=(s[2]||"").split(".").sort(),d&&(f=S.event.special[d]||{},d=(i?f.delegateType:f.bindType)||d,f=S.event.special[d]||{},c=S.extend({type:d,origType:g,data:r,handler:n,guid:n.guid,selector:i,needsContext:i&&S.expr.match.needsContext.test(i),namespace:h.join(".")},o),(p=u[d])||((p=u[d]=[]).delegateCount=0,f.setup&&!1!==f.setup.call(t,r,h,a)||t.addEventListener&&t.addEventListener(d,a)),f.add&&(f.add.call(t,c),c.handler.guid||(c.handler.guid=n.guid)),i?p.splice(p.delegateCount++,0,c):p.push(c),S.event.global[d]=!0)}},remove:function(e,t,n,r,i){var o,a,s,u,l,c,f,p,d,h,g,v=Y.hasData(e)&&Y.get(e);if(v&&(u=v.events)){l=(t=(t||"").match(P)||[""]).length;while(l--)if(d=g=(s=be.exec(t[l])||[])[1],h=(s[2]||"").split(".").sort(),d){f=S.event.special[d]||{},p=u[d=(r?f.delegateType:f.bindType)||d]||[],s=s[2]&&new RegExp("(^|\\.)"+h.join("\\.(?:.*\\.|)")+"(\\.|$)"),a=o=p.length;while(o--)c=p[o],!i&&g!==c.origType||n&&n.guid!==c.guid||s&&!s.test(c.namespace)||r&&r!==c.selector&&("**"!==r||!c.selector)||(p.splice(o,1),c.selector&&p.delegateCount--,f.remove&&f.remove.call(e,c));a&&!p.length&&(f.teardown&&!1!==f.teardown.call(e,h,v.handle)||S.removeEvent(e,d,v.handle),delete u[d])}else for(d in u)S.event.remove(e,d+t[l],n,r,!0);S.isEmptyObject(u)&&Y.remove(e,"handle events")}},dispatch:function(e){var t,n,r,i,o,a,s=new Array(arguments.length),u=S.event.fix(e),l=(Y.get(this,"events")||Object.create(null))[u.type]||[],c=S.event.special[u.type]||{};for(s[0]=u,t=1;t<arguments.length;t++)s[t]=arguments[t];if(u.delegateTarget=this,!c.preDispatch||!1!==c.preDispatch.call(this,u)){a=S.event.handlers.call(this,u,l),t=0;while((i=a[t++])&&!u.isPropagationStopped()){u.currentTarget=i.elem,n=0;while((o=i.handlers[n++])&&!u.isImmediatePropagationStopped())u.rnamespace&&!1!==o.namespace&&!u.rnamespace.test(o.namespace)||(u.handleObj=o,u.data=o.data,void 0!==(r=((S.event.special[o.origType]||{}).handle||o.handler).apply(i.elem,s))&&!1===(u.result=r)&&(u.preventDefault(),u.stopPropagation()))}return c.postDispatch&&c.postDispatch.call(this,u),u.result}},handlers:function(e,t){var n,r,i,o,a,s=[],u=t.delegateCount,l=e.target;if(u&&l.nodeType&&!("click"===e.type&&1<=e.button))for(;l!==this;l=l.parentNode||this)if(1===l.nodeType&&("click"!==e.type||!0!==l.disabled)){for(o=[],a={},n=0;n<u;n++)void 0===a[i=(r=t[n]).selector+" "]&&(a[i]=r.needsContext?-1<S(i,this).index(l):S.find(i,this,null,[l]).length),a[i]&&o.push(r);o.length&&s.push({elem:l,handlers:o})}return l=this,u<t.length&&s.push({elem:l,handlers:t.slice(u)}),s},addProp:function(t,e){Object.defineProperty(S.Event.prototype,t,{enumerable:!0,configurable:!0,get:m(e)?function(){if(this.originalEvent)return e(this.originalEvent)}:function(){if(this.originalEvent)return this.originalEvent[t]},set:function(e){Object.defineProperty(this,t,{enumerable:!0,configurable:!0,writable:!0,value:e})}})},fix:function(e){return e[S.expando]?e:new S.Event(e)},special:{load:{noBubble:!0},click:{setup:function(e){var t=this||e;return pe.test(t.type)&&t.click&&A(t,"input")&&Se(t,"click",we),!1},trigger:function(e){var t=this||e;return pe.test(t.type)&&t.click&&A(t,"input")&&Se(t,"click"),!0},_default:function(e){var t=e.target;return pe.test(t.type)&&t.click&&A(t,"input")&&Y.get(t,"click")||A(t,"a")}},beforeunload:{postDispatch:function(e){void 0!==e.result&&e.originalEvent&&(e.originalEvent.returnValue=e.result)}}}},S.removeEvent=function(e,t,n){e.removeEventListener&&e.removeEventListener(t,n)},S.Event=function(e,t){if(!(this instanceof S.Event))return new S.Event(e,t);e&&e.type?(this.originalEvent=e,this.type=e.type,this.isDefaultPrevented=e.defaultPrevented||void 0===e.defaultPrevented&&!1===e.returnValue?we:Te,this.target=e.target&&3===e.target.nodeType?e.target.parentNode:e.target,this.currentTarget=e.currentTarget,this.relatedTarget=e.relatedTarget):this.type=e,t&&S.extend(this,t),this.timeStamp=e&&e.timeStamp||Date.now(),this[S.expando]=!0},S.Event.prototype={constructor:S.Event,isDefaultPrevented:Te,isPropagationStopped:Te,isImmediatePropagationStopped:Te,isSimulated:!1,preventDefault:function(){var e=this.originalEvent;this.isDefaultPrevented=we,e&&!this.isSimulated&&e.preventDefault()},stopPropagation:function(){var e=this.originalEvent;this.isPropagationStopped=we,e&&!this.isSimulated&&e.stopPropagation()},stopImmediatePropagation:function(){var e=this.originalEvent;this.isImmediatePropagationStopped=we,e&&!this.isSimulated&&e.stopImmediatePropagation(),this.stopPropagation()}},S.each({altKey:!0,bubbles:!0,cancelable:!0,changedTouches:!0,ctrlKey:!0,detail:!0,eventPhase:!0,metaKey:!0,pageX:!0,pageY:!0,shiftKey:!0,view:!0,"char":!0,code:!0,charCode:!0,key:!0,keyCode:!0,button:!0,buttons:!0,clientX:!0,clientY:!0,offsetX:!0,offsetY:!0,pointerId:!0,pointerType:!0,screenX:!0,screenY:!0,targetTouches:!0,toElement:!0,touches:!0,which:!0},S.event.addProp),S.each({focus:"focusin",blur:"focusout"},function(e,t){S.event.special[e]={setup:function(){return Se(this,e,Ce),!1},trigger:function(){return Se(this,e),!0},_default:function(){return!0},delegateType:t}}),S.each({mouseenter:"mouseover",mouseleave:"mouseout",pointerenter:"pointerover",pointerleave:"pointerout"},function(e,i){S.event.special[e]={delegateType:i,bindType:i,handle:function(e){var t,n=e.relatedTarget,r=e.handleObj;return n&&(n===this||S.contains(this,n))||(e.type=r.origType,t=r.handler.apply(this,arguments),e.type=i),t}}}),S.fn.extend({on:function(e,t,n,r){return Ee(this,e,t,n,r)},one:function(e,t,n,r){return Ee(this,e,t,n,r,1)},off:function(e,t,n){var r,i;if(e&&e.preventDefault&&e.handleObj)return r=e.handleObj,S(e.delegateTarget).off(r.namespace?r.origType+"."+r.namespace:r.origType,r.selector,r.handler),this;if("object"==typeof e){for(i in e)this.off(i,t,e[i]);return this}return!1!==t&&"function"!=typeof t||(n=t,t=void 0),!1===n&&(n=Te),this.each(function(){S.event.remove(this,e,n,t)})}});var ke=/<script|<style|<link/i,Ae=/checked\s*(?:[^=]|=\s*.checked.)/i,Ne=/^\s*<!(?:\[CDATA\[|--)|(?:\]\]|--)>\s*$/g;function je(e,t){return A(e,"table")&&A(11!==t.nodeType?t:t.firstChild,"tr")&&S(e).children("tbody")[0]||e}function De(e){return e.type=(null!==e.getAttribute("type"))+"/"+e.type,e}function qe(e){return"true/"===(e.type||"").slice(0,5)?e.type=e.type.slice(5):e.removeAttribute("type"),e}function Le(e,t){var n,r,i,o,a,s;if(1===t.nodeType){if(Y.hasData(e)&&(s=Y.get(e).events))for(i in Y.remove(t,"handle events"),s)for(n=0,r=s[i].length;n<r;n++)S.event.add(t,i,s[i][n]);Q.hasData(e)&&(o=Q.access(e),a=S.extend({},o),Q.set(t,a))}}function He(n,r,i,o){r=g(r);var e,t,a,s,u,l,c=0,f=n.length,p=f-1,d=r[0],h=m(d);if(h||1<f&&"string"==typeof d&&!y.checkClone&&Ae.test(d))return n.each(function(e){var t=n.eq(e);h&&(r[0]=d.call(this,e,t.html())),He(t,r,i,o)});if(f&&(t=(e=xe(r,n[0].ownerDocument,!1,n,o)).firstChild,1===e.childNodes.length&&(e=t),t||o)){for(s=(a=S.map(ve(e,"script"),De)).length;c<f;c++)u=e,c!==p&&(u=S.clone(u,!0,!0),s&&S.merge(a,ve(u,"script"))),i.call(n[c],u,c);if(s)for(l=a[a.length-1].ownerDocument,S.map(a,qe),c=0;c<s;c++)u=a[c],he.test(u.type||"")&&!Y.access(u,"globalEval")&&S.contains(l,u)&&(u.src&&"module"!==(u.type||"").toLowerCase()?S._evalUrl&&!u.noModule&&S._evalUrl(u.src,{nonce:u.nonce||u.getAttribute("nonce")},l):b(u.textContent.replace(Ne,""),u,l))}return n}function Oe(e,t,n){for(var r,i=t?S.filter(t,e):e,o=0;null!=(r=i[o]);o++)n||1!==r.nodeType||S.cleanData(ve(r)),r.parentNode&&(n&&ie(r)&&ye(ve(r,"script")),r.parentNode.removeChild(r));return e}S.extend({htmlPrefilter:function(e){return e},clone:function(e,t,n){var r,i,o,a,s,u,l,c=e.cloneNode(!0),f=ie(e);if(!(y.noCloneChecked||1!==e.nodeType&&11!==e.nodeType||S.isXMLDoc(e)))for(a=ve(c),r=0,i=(o=ve(e)).length;r<i;r++)s=o[r],u=a[r],void 0,"input"===(l=u.nodeName.toLowerCase())&&pe.test(s.type)?u.checked=s.checked:"input"!==l&&"textarea"!==l||(u.defaultValue=s.defaultValue);if(t)if(n)for(o=o||ve(e),a=a||ve(c),r=0,i=o.length;r<i;r++)Le(o[r],a[r]);else Le(e,c);return 0<(a=ve(c,"script")).length&&ye(a,!f&&ve(e,"script")),c},cleanData:function(e){for(var t,n,r,i=S.event.special,o=0;void 0!==(n=e[o]);o++)if(V(n)){if(t=n[Y.expando]){if(t.events)for(r in t.events)i[r]?S.event.remove(n,r):S.removeEvent(n,r,t.handle);n[Y.expando]=void 0}n[Q.expando]&&(n[Q.expando]=void 0)}}}),S.fn.extend({detach:function(e){return Oe(this,e,!0)},remove:function(e){return Oe(this,e)},text:function(e){return $(this,function(e){return void 0===e?S.text(this):this.empty().each(function(){1!==this.nodeType&&11!==this.nodeType&&9!==this.nodeType||(this.textContent=e)})},null,e,arguments.length)},append:function(){return He(this,arguments,function(e){1!==this.nodeType&&11!==this.nodeType&&9!==this.nodeType||je(this,e).appendChild(e)})},prepend:function(){return He(this,arguments,function(e){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var t=je(this,e);t.insertBefore(e,t.firstChild)}})},before:function(){return He(this,arguments,function(e){this.parentNode&&this.parentNode.insertBefore(e,this)})},after:function(){return He(this,arguments,function(e){this.parentNode&&this.parentNode.insertBefore(e,this.nextSibling)})},empty:function(){for(var e,t=0;null!=(e=this[t]);t++)1===e.nodeType&&(S.cleanData(ve(e,!1)),e.textContent="");return this},clone:function(e,t){return e=null!=e&&e,t=null==t?e:t,this.map(function(){return S.clone(this,e,t)})},html:function(e){return $(this,function(e){var t=this[0]||{},n=0,r=this.length;if(void 0===e&&1===t.nodeType)return t.innerHTML;if("string"==typeof e&&!ke.test(e)&&!ge[(de.exec(e)||["",""])[1].toLowerCase()]){e=S.htmlPrefilter(e);try{for(;n<r;n++)1===(t=this[n]||{}).nodeType&&(S.cleanData(ve(t,!1)),t.innerHTML=e);t=0}catch(e){}}t&&this.empty().append(e)},null,e,arguments.length)},replaceWith:function(){var n=[];return He(this,arguments,function(e){var t=this.parentNode;S.inArray(this,n)<0&&(S.cleanData(ve(this)),t&&t.replaceChild(e,this))},n)}}),S.each({appendTo:"append",prependTo:"prepend",insertBefore:"before",insertAfter:"after",replaceAll:"replaceWith"},function(e,a){S.fn[e]=function(e){for(var t,n=[],r=S(e),i=r.length-1,o=0;o<=i;o++)t=o===i?this:this.clone(!0),S(r[o])[a](t),u.apply(n,t.get());return this.pushStack(n)}});var Pe=new RegExp("^("+ee+")(?!px)[a-z%]+$","i"),Re=function(e){var t=e.ownerDocument.defaultView;return t&&t.opener||(t=C),t.getComputedStyle(e)},Me=function(e,t,n){var r,i,o={};for(i in t)o[i]=e.style[i],e.style[i]=t[i];for(i in r=n.call(e),t)e.style[i]=o[i];return r},Ie=new RegExp(ne.join("|"),"i");function We(e,t,n){var r,i,o,a,s=e.style;return(n=n||Re(e))&&(""!==(a=n.getPropertyValue(t)||n[t])||ie(e)||(a=S.style(e,t)),!y.pixelBoxStyles()&&Pe.test(a)&&Ie.test(t)&&(r=s.width,i=s.minWidth,o=s.maxWidth,s.minWidth=s.maxWidth=s.width=a,a=n.width,s.width=r,s.minWidth=i,s.maxWidth=o)),void 0!==a?a+"":a}function Fe(e,t){return{get:function(){if(!e())return(this.get=t).apply(this,arguments);delete this.get}}}!function(){function e(){if(l){u.style.cssText="position:absolute;left:-11111px;width:60px;margin-top:1px;padding:0;border:0",l.style.cssText="position:relative;display:block;box-sizing:border-box;overflow:scroll;margin:auto;border:1px;padding:1px;width:60%;top:1%",re.appendChild(u).appendChild(l);var e=C.getComputedStyle(l);n="1%"!==e.top,s=12===t(e.marginLeft),l.style.right="60%",o=36===t(e.right),r=36===t(e.width),l.style.position="absolute",i=12===t(l.offsetWidth/3),re.removeChild(u),l=null}}function t(e){return Math.round(parseFloat(e))}var n,r,i,o,a,s,u=E.createElement("div"),l=E.createElement("div");l.style&&(l.style.backgroundClip="content-box",l.cloneNode(!0).style.backgroundClip="",y.clearCloneStyle="content-box"===l.style.backgroundClip,S.extend(y,{boxSizingReliable:function(){return e(),r},pixelBoxStyles:function(){return e(),o},pixelPosition:function(){return e(),n},reliableMarginLeft:function(){return e(),s},scrollboxSize:function(){return e(),i},reliableTrDimensions:function(){var e,t,n,r;return null==a&&(e=E.createElement("table"),t=E.createElement("tr"),n=E.createElement("div"),e.style.cssText="position:absolute;left:-11111px;border-collapse:separate",t.style.cssText="border:1px solid",t.style.height="1px",n.style.height="9px",n.style.display="block",re.appendChild(e).appendChild(t).appendChild(n),r=C.getComputedStyle(t),a=parseInt(r.height,10)+parseInt(r.borderTopWidth,10)+parseInt(r.borderBottomWidth,10)===t.offsetHeight,re.removeChild(e)),a}}))}();var Be=["Webkit","Moz","ms"],$e=E.createElement("div").style,_e={};function ze(e){var t=S.cssProps[e]||_e[e];return t||(e in $e?e:_e[e]=function(e){var t=e[0].toUpperCase()+e.slice(1),n=Be.length;while(n--)if((e=Be[n]+t)in $e)return e}(e)||e)}var Ue=/^(none|table(?!-c[ea]).+)/,Xe=/^--/,Ve={position:"absolute",visibility:"hidden",display:"block"},Ge={letterSpacing:"0",fontWeight:"400"};function Ye(e,t,n){var r=te.exec(t);return r?Math.max(0,r[2]-(n||0))+(r[3]||"px"):t}function Qe(e,t,n,r,i,o){var a="width"===t?1:0,s=0,u=0;if(n===(r?"border":"content"))return 0;for(;a<4;a+=2)"margin"===n&&(u+=S.css(e,n+ne[a],!0,i)),r?("content"===n&&(u-=S.css(e,"padding"+ne[a],!0,i)),"margin"!==n&&(u-=S.css(e,"border"+ne[a]+"Width",!0,i))):(u+=S.css(e,"padding"+ne[a],!0,i),"padding"!==n?u+=S.css(e,"border"+ne[a]+"Width",!0,i):s+=S.css(e,"border"+ne[a]+"Width",!0,i));return!r&&0<=o&&(u+=Math.max(0,Math.ceil(e["offset"+t[0].toUpperCase()+t.slice(1)]-o-u-s-.5))||0),u}function Je(e,t,n){var r=Re(e),i=(!y.boxSizingReliable()||n)&&"border-box"===S.css(e,"boxSizing",!1,r),o=i,a=We(e,t,r),s="offset"+t[0].toUpperCase()+t.slice(1);if(Pe.test(a)){if(!n)return a;a="auto"}return(!y.boxSizingReliable()&&i||!y.reliableTrDimensions()&&A(e,"tr")||"auto"===a||!parseFloat(a)&&"inline"===S.css(e,"display",!1,r))&&e.getClientRects().length&&(i="border-box"===S.css(e,"boxSizing",!1,r),(o=s in e)&&(a=e[s])),(a=parseFloat(a)||0)+Qe(e,t,n||(i?"border":"content"),o,r,a)+"px"}function Ke(e,t,n,r,i){return new Ke.prototype.init(e,t,n,r,i)}S.extend({cssHooks:{opacity:{get:function(e,t){if(t){var n=We(e,"opacity");return""===n?"1":n}}}},cssNumber:{animationIterationCount:!0,columnCount:!0,fillOpacity:!0,flexGrow:!0,flexShrink:!0,fontWeight:!0,gridArea:!0,gridColumn:!0,gridColumnEnd:!0,gridColumnStart:!0,gridRow:!0,gridRowEnd:!0,gridRowStart:!0,lineHeight:!0,opacity:!0,order:!0,orphans:!0,widows:!0,zIndex:!0,zoom:!0},cssProps:{},style:function(e,t,n,r){if(e&&3!==e.nodeType&&8!==e.nodeType&&e.style){var i,o,a,s=X(t),u=Xe.test(t),l=e.style;if(u||(t=ze(s)),a=S.cssHooks[t]||S.cssHooks[s],void 0===n)return a&&"get"in a&&void 0!==(i=a.get(e,!1,r))?i:l[t];"string"===(o=typeof n)&&(i=te.exec(n))&&i[1]&&(n=se(e,t,i),o="number"),null!=n&&n==n&&("number"!==o||u||(n+=i&&i[3]||(S.cssNumber[s]?"":"px")),y.clearCloneStyle||""!==n||0!==t.indexOf("background")||(l[t]="inherit"),a&&"set"in a&&void 0===(n=a.set(e,n,r))||(u?l.setProperty(t,n):l[t]=n))}},css:function(e,t,n,r){var i,o,a,s=X(t);return Xe.test(t)||(t=ze(s)),(a=S.cssHooks[t]||S.cssHooks[s])&&"get"in a&&(i=a.get(e,!0,n)),void 0===i&&(i=We(e,t,r)),"normal"===i&&t in Ge&&(i=Ge[t]),""===n||n?(o=parseFloat(i),!0===n||isFinite(o)?o||0:i):i}}),S.each(["height","width"],function(e,u){S.cssHooks[u]={get:function(e,t,n){if(t)return!Ue.test(S.css(e,"display"))||e.getClientRects().length&&e.getBoundingClientRect().width?Je(e,u,n):Me(e,Ve,function(){return Je(e,u,n)})},set:function(e,t,n){var r,i=Re(e),o=!y.scrollboxSize()&&"absolute"===i.position,a=(o||n)&&"border-box"===S.css(e,"boxSizing",!1,i),s=n?Qe(e,u,n,a,i):0;return a&&o&&(s-=Math.ceil(e["offset"+u[0].toUpperCase()+u.slice(1)]-parseFloat(i[u])-Qe(e,u,"border",!1,i)-.5)),s&&(r=te.exec(t))&&"px"!==(r[3]||"px")&&(e.style[u]=t,t=S.css(e,u)),Ye(0,t,s)}}}),S.cssHooks.marginLeft=Fe(y.reliableMarginLeft,function(e,t){if(t)return(parseFloat(We(e,"marginLeft"))||e.getBoundingClientRect().left-Me(e,{marginLeft:0},function(){return e.getBoundingClientRect().left}))+"px"}),S.each({margin:"",padding:"",border:"Width"},function(i,o){S.cssHooks[i+o]={expand:function(e){for(var t=0,n={},r="string"==typeof e?e.split(" "):[e];t<4;t++)n[i+ne[t]+o]=r[t]||r[t-2]||r[0];return n}},"margin"!==i&&(S.cssHooks[i+o].set=Ye)}),S.fn.extend({css:function(e,t){return $(this,function(e,t,n){var r,i,o={},a=0;if(Array.isArray(t)){for(r=Re(e),i=t.length;a<i;a++)o[t[a]]=S.css(e,t[a],!1,r);return o}return void 0!==n?S.style(e,t,n):S.css(e,t)},e,t,1<arguments.length)}}),((S.Tween=Ke).prototype={constructor:Ke,init:function(e,t,n,r,i,o){this.elem=e,this.prop=n,this.easing=i||S.easing._default,this.options=t,this.start=this.now=this.cur(),this.end=r,this.unit=o||(S.cssNumber[n]?"":"px")},cur:function(){var e=Ke.propHooks[this.prop];return e&&e.get?e.get(this):Ke.propHooks._default.get(this)},run:function(e){var t,n=Ke.propHooks[this.prop];return this.options.duration?this.pos=t=S.easing[this.easing](e,this.options.duration*e,0,1,this.options.duration):this.pos=t=e,this.now=(this.end-this.start)*t+this.start,this.options.step&&this.options.step.call(this.elem,this.now,this),n&&n.set?n.set(this):Ke.propHooks._default.set(this),this}}).init.prototype=Ke.prototype,(Ke.propHooks={_default:{get:function(e){var t;return 1!==e.elem.nodeType||null!=e.elem[e.prop]&&null==e.elem.style[e.prop]?e.elem[e.prop]:(t=S.css(e.elem,e.prop,""))&&"auto"!==t?t:0},set:function(e){S.fx.step[e.prop]?S.fx.step[e.prop](e):1!==e.elem.nodeType||!S.cssHooks[e.prop]&&null==e.elem.style[ze(e.prop)]?e.elem[e.prop]=e.now:S.style(e.elem,e.prop,e.now+e.unit)}}}).scrollTop=Ke.propHooks.scrollLeft={set:function(e){e.elem.nodeType&&e.elem.parentNode&&(e.elem[e.prop]=e.now)}},S.easing={linear:function(e){return e},swing:function(e){return.5-Math.cos(e*Math.PI)/2},_default:"swing"},S.fx=Ke.prototype.init,S.fx.step={};var Ze,et,tt,nt,rt=/^(?:toggle|show|hide)$/,it=/queueHooks$/;function ot(){et&&(!1===E.hidden&&C.requestAnimationFrame?C.requestAnimationFrame(ot):C.setTimeout(ot,S.fx.interval),S.fx.tick())}function at(){return C.setTimeout(function(){Ze=void 0}),Ze=Date.now()}function st(e,t){var n,r=0,i={height:e};for(t=t?1:0;r<4;r+=2-t)i["margin"+(n=ne[r])]=i["padding"+n]=e;return t&&(i.opacity=i.width=e),i}function ut(e,t,n){for(var r,i=(lt.tweeners[t]||[]).concat(lt.tweeners["*"]),o=0,a=i.length;o<a;o++)if(r=i[o].call(n,t,e))return r}function lt(o,e,t){var n,a,r=0,i=lt.prefilters.length,s=S.Deferred().always(function(){delete u.elem}),u=function(){if(a)return!1;for(var e=Ze||at(),t=Math.max(0,l.startTime+l.duration-e),n=1-(t/l.duration||0),r=0,i=l.tweens.length;r<i;r++)l.tweens[r].run(n);return s.notifyWith(o,[l,n,t]),n<1&&i?t:(i||s.notifyWith(o,[l,1,0]),s.resolveWith(o,[l]),!1)},l=s.promise({elem:o,props:S.extend({},e),opts:S.extend(!0,{specialEasing:{},easing:S.easing._default},t),originalProperties:e,originalOptions:t,startTime:Ze||at(),duration:t.duration,tweens:[],createTween:function(e,t){var n=S.Tween(o,l.opts,e,t,l.opts.specialEasing[e]||l.opts.easing);return l.tweens.push(n),n},stop:function(e){var t=0,n=e?l.tweens.length:0;if(a)return this;for(a=!0;t<n;t++)l.tweens[t].run(1);return e?(s.notifyWith(o,[l,1,0]),s.resolveWith(o,[l,e])):s.rejectWith(o,[l,e]),this}}),c=l.props;for(!function(e,t){var n,r,i,o,a;for(n in e)if(i=t[r=X(n)],o=e[n],Array.isArray(o)&&(i=o[1],o=e[n]=o[0]),n!==r&&(e[r]=o,delete e[n]),(a=S.cssHooks[r])&&"expand"in a)for(n in o=a.expand(o),delete e[r],o)n in e||(e[n]=o[n],t[n]=i);else t[r]=i}(c,l.opts.specialEasing);r<i;r++)if(n=lt.prefilters[r].call(l,o,c,l.opts))return m(n.stop)&&(S._queueHooks(l.elem,l.opts.queue).stop=n.stop.bind(n)),n;return S.map(c,ut,l),m(l.opts.start)&&l.opts.start.call(o,l),l.progress(l.opts.progress).done(l.opts.done,l.opts.complete).fail(l.opts.fail).always(l.opts.always),S.fx.timer(S.extend(u,{elem:o,anim:l,queue:l.opts.queue})),l}S.Animation=S.extend(lt,{tweeners:{"*":[function(e,t){var n=this.createTween(e,t);return se(n.elem,e,te.exec(t),n),n}]},tweener:function(e,t){m(e)?(t=e,e=["*"]):e=e.match(P);for(var n,r=0,i=e.length;r<i;r++)n=e[r],lt.tweeners[n]=lt.tweeners[n]||[],lt.tweeners[n].unshift(t)},prefilters:[function(e,t,n){var r,i,o,a,s,u,l,c,f="width"in t||"height"in t,p=this,d={},h=e.style,g=e.nodeType&&ae(e),v=Y.get(e,"fxshow");for(r in n.queue||(null==(a=S._queueHooks(e,"fx")).unqueued&&(a.unqueued=0,s=a.empty.fire,a.empty.fire=function(){a.unqueued||s()}),a.unqueued++,p.always(function(){p.always(function(){a.unqueued--,S.queue(e,"fx").length||a.empty.fire()})})),t)if(i=t[r],rt.test(i)){if(delete t[r],o=o||"toggle"===i,i===(g?"hide":"show")){if("show"!==i||!v||void 0===v[r])continue;g=!0}d[r]=v&&v[r]||S.style(e,r)}if((u=!S.isEmptyObject(t))||!S.isEmptyObject(d))for(r in f&&1===e.nodeType&&(n.overflow=[h.overflow,h.overflowX,h.overflowY],null==(l=v&&v.display)&&(l=Y.get(e,"display")),"none"===(c=S.css(e,"display"))&&(l?c=l:(le([e],!0),l=e.style.display||l,c=S.css(e,"display"),le([e]))),("inline"===c||"inline-block"===c&&null!=l)&&"none"===S.css(e,"float")&&(u||(p.done(function(){h.display=l}),null==l&&(c=h.display,l="none"===c?"":c)),h.display="inline-block")),n.overflow&&(h.overflow="hidden",p.always(function(){h.overflow=n.overflow[0],h.overflowX=n.overflow[1],h.overflowY=n.overflow[2]})),u=!1,d)u||(v?"hidden"in v&&(g=v.hidden):v=Y.access(e,"fxshow",{display:l}),o&&(v.hidden=!g),g&&le([e],!0),p.done(function(){for(r in g||le([e]),Y.remove(e,"fxshow"),d)S.style(e,r,d[r])})),u=ut(g?v[r]:0,r,p),r in v||(v[r]=u.start,g&&(u.end=u.start,u.start=0))}],prefilter:function(e,t){t?lt.prefilters.unshift(e):lt.prefilters.push(e)}}),S.speed=function(e,t,n){var r=e&&"object"==typeof e?S.extend({},e):{complete:n||!n&&t||m(e)&&e,duration:e,easing:n&&t||t&&!m(t)&&t};return S.fx.off?r.duration=0:"number"!=typeof r.duration&&(r.duration in S.fx.speeds?r.duration=S.fx.speeds[r.duration]:r.duration=S.fx.speeds._default),null!=r.queue&&!0!==r.queue||(r.queue="fx"),r.old=r.complete,r.complete=function(){m(r.old)&&r.old.call(this),r.queue&&S.dequeue(this,r.queue)},r},S.fn.extend({fadeTo:function(e,t,n,r){return this.filter(ae).css("opacity",0).show().end().animate({opacity:t},e,n,r)},animate:function(t,e,n,r){var i=S.isEmptyObject(t),o=S.speed(e,n,r),a=function(){var e=lt(this,S.extend({},t),o);(i||Y.get(this,"finish"))&&e.stop(!0)};return a.finish=a,i||!1===o.queue?this.each(a):this.queue(o.queue,a)},stop:function(i,e,o){var a=function(e){var t=e.stop;delete e.stop,t(o)};return"string"!=typeof i&&(o=e,e=i,i=void 0),e&&this.queue(i||"fx",[]),this.each(function(){var e=!0,t=null!=i&&i+"queueHooks",n=S.timers,r=Y.get(this);if(t)r[t]&&r[t].stop&&a(r[t]);else for(t in r)r[t]&&r[t].stop&&it.test(t)&&a(r[t]);for(t=n.length;t--;)n[t].elem!==this||null!=i&&n[t].queue!==i||(n[t].anim.stop(o),e=!1,n.splice(t,1));!e&&o||S.dequeue(this,i)})},finish:function(a){return!1!==a&&(a=a||"fx"),this.each(function(){var e,t=Y.get(this),n=t[a+"queue"],r=t[a+"queueHooks"],i=S.timers,o=n?n.length:0;for(t.finish=!0,S.queue(this,a,[]),r&&r.stop&&r.stop.call(this,!0),e=i.length;e--;)i[e].elem===this&&i[e].queue===a&&(i[e].anim.stop(!0),i.splice(e,1));for(e=0;e<o;e++)n[e]&&n[e].finish&&n[e].finish.call(this);delete t.finish})}}),S.each(["toggle","show","hide"],function(e,r){var i=S.fn[r];S.fn[r]=function(e,t,n){return null==e||"boolean"==typeof e?i.apply(this,arguments):this.animate(st(r,!0),e,t,n)}}),S.each({slideDown:st("show"),slideUp:st("hide"),slideToggle:st("toggle"),fadeIn:{opacity:"show"},fadeOut:{opacity:"hide"},fadeToggle:{opacity:"toggle"}},function(e,r){S.fn[e]=function(e,t,n){return this.animate(r,e,t,n)}}),S.timers=[],S.fx.tick=function(){var e,t=0,n=S.timers;for(Ze=Date.now();t<n.length;t++)(e=n[t])()||n[t]!==e||n.splice(t--,1);n.length||S.fx.stop(),Ze=void 0},S.fx.timer=function(e){S.timers.push(e),S.fx.start()},S.fx.interval=13,S.fx.start=function(){et||(et=!0,ot())},S.fx.stop=function(){et=null},S.fx.speeds={slow:600,fast:200,_default:400},S.fn.delay=function(r,e){return r=S.fx&&S.fx.speeds[r]||r,e=e||"fx",this.queue(e,function(e,t){var n=C.setTimeout(e,r);t.stop=function(){C.clearTimeout(n)}})},tt=E.createElement("input"),nt=E.createElement("select").appendChild(E.createElement("option")),tt.type="checkbox",y.checkOn=""!==tt.value,y.optSelected=nt.selected,(tt=E.createElement("input")).value="t",tt.type="radio",y.radioValue="t"===tt.value;var ct,ft=S.expr.attrHandle;S.fn.extend({attr:function(e,t){return $(this,S.attr,e,t,1<arguments.length)},removeAttr:function(e){return this.each(function(){S.removeAttr(this,e)})}}),S.extend({attr:function(e,t,n){var r,i,o=e.nodeType;if(3!==o&&8!==o&&2!==o)return"undefined"==typeof e.getAttribute?S.prop(e,t,n):(1===o&&S.isXMLDoc(e)||(i=S.attrHooks[t.toLowerCase()]||(S.expr.match.bool.test(t)?ct:void 0)),void 0!==n?null===n?void S.removeAttr(e,t):i&&"set"in i&&void 0!==(r=i.set(e,n,t))?r:(e.setAttribute(t,n+""),n):i&&"get"in i&&null!==(r=i.get(e,t))?r:null==(r=S.find.attr(e,t))?void 0:r)},attrHooks:{type:{set:function(e,t){if(!y.radioValue&&"radio"===t&&A(e,"input")){var n=e.value;return e.setAttribute("type",t),n&&(e.value=n),t}}}},removeAttr:function(e,t){var n,r=0,i=t&&t.match(P);if(i&&1===e.nodeType)while(n=i[r++])e.removeAttribute(n)}}),ct={set:function(e,t,n){return!1===t?S.removeAttr(e,n):e.setAttribute(n,n),n}},S.each(S.expr.match.bool.source.match(/\w+/g),function(e,t){var a=ft[t]||S.find.attr;ft[t]=function(e,t,n){var r,i,o=t.toLowerCase();return n||(i=ft[o],ft[o]=r,r=null!=a(e,t,n)?o:null,ft[o]=i),r}});var pt=/^(?:input|select|textarea|button)$/i,dt=/^(?:a|area)$/i;function ht(e){return(e.match(P)||[]).join(" ")}function gt(e){return e.getAttribute&&e.getAttribute("class")||""}function vt(e){return Array.isArray(e)?e:"string"==typeof e&&e.match(P)||[]}S.fn.extend({prop:function(e,t){return $(this,S.prop,e,t,1<arguments.length)},removeProp:function(e){return this.each(function(){delete this[S.propFix[e]||e]})}}),S.extend({prop:function(e,t,n){var r,i,o=e.nodeType;if(3!==o&&8!==o&&2!==o)return 1===o&&S.isXMLDoc(e)||(t=S.propFix[t]||t,i=S.propHooks[t]),void 0!==n?i&&"set"in i&&void 0!==(r=i.set(e,n,t))?r:e[t]=n:i&&"get"in i&&null!==(r=i.get(e,t))?r:e[t]},propHooks:{tabIndex:{get:function(e){var t=S.find.attr(e,"tabindex");return t?parseInt(t,10):pt.test(e.nodeName)||dt.test(e.nodeName)&&e.href?0:-1}}},propFix:{"for":"htmlFor","class":"className"}}),y.optSelected||(S.propHooks.selected={get:function(e){var t=e.parentNode;return t&&t.parentNode&&t.parentNode.selectedIndex,null},set:function(e){var t=e.parentNode;t&&(t.selectedIndex,t.parentNode&&t.parentNode.selectedIndex)}}),S.each(["tabIndex","readOnly","maxLength","cellSpacing","cellPadding","rowSpan","colSpan","useMap","frameBorder","contentEditable"],function(){S.propFix[this.toLowerCase()]=this}),S.fn.extend({addClass:function(t){var e,n,r,i,o,a,s,u=0;if(m(t))return this.each(function(e){S(this).addClass(t.call(this,e,gt(this)))});if((e=vt(t)).length)while(n=this[u++])if(i=gt(n),r=1===n.nodeType&&" "+ht(i)+" "){a=0;while(o=e[a++])r.indexOf(" "+o+" ")<0&&(r+=o+" ");i!==(s=ht(r))&&n.setAttribute("class",s)}return this},removeClass:function(t){var e,n,r,i,o,a,s,u=0;if(m(t))return this.each(function(e){S(this).removeClass(t.call(this,e,gt(this)))});if(!arguments.length)return this.attr("class","");if((e=vt(t)).length)while(n=this[u++])if(i=gt(n),r=1===n.nodeType&&" "+ht(i)+" "){a=0;while(o=e[a++])while(-1<r.indexOf(" "+o+" "))r=r.replace(" "+o+" "," ");i!==(s=ht(r))&&n.setAttribute("class",s)}return this},toggleClass:function(i,t){var o=typeof i,a="string"===o||Array.isArray(i);return"boolean"==typeof t&&a?t?this.addClass(i):this.removeClass(i):m(i)?this.each(function(e){S(this).toggleClass(i.call(this,e,gt(this),t),t)}):this.each(function(){var e,t,n,r;if(a){t=0,n=S(this),r=vt(i);while(e=r[t++])n.hasClass(e)?n.removeClass(e):n.addClass(e)}else void 0!==i&&"boolean"!==o||((e=gt(this))&&Y.set(this,"__className__",e),this.setAttribute&&this.setAttribute("class",e||!1===i?"":Y.get(this,"__className__")||""))})},hasClass:function(e){var t,n,r=0;t=" "+e+" ";while(n=this[r++])if(1===n.nodeType&&-1<(" "+ht(gt(n))+" ").indexOf(t))return!0;return!1}});var yt=/\r/g;S.fn.extend({val:function(n){var r,e,i,t=this[0];return arguments.length?(i=m(n),this.each(function(e){var t;1===this.nodeType&&(null==(t=i?n.call(this,e,S(this).val()):n)?t="":"number"==typeof t?t+="":Array.isArray(t)&&(t=S.map(t,function(e){return null==e?"":e+""})),(r=S.valHooks[this.type]||S.valHooks[this.nodeName.toLowerCase()])&&"set"in r&&void 0!==r.set(this,t,"value")||(this.value=t))})):t?(r=S.valHooks[t.type]||S.valHooks[t.nodeName.toLowerCase()])&&"get"in r&&void 0!==(e=r.get(t,"value"))?e:"string"==typeof(e=t.value)?e.replace(yt,""):null==e?"":e:void 0}}),S.extend({valHooks:{option:{get:function(e){var t=S.find.attr(e,"value");return null!=t?t:ht(S.text(e))}},select:{get:function(e){var t,n,r,i=e.options,o=e.selectedIndex,a="select-one"===e.type,s=a?null:[],u=a?o+1:i.length;for(r=o<0?u:a?o:0;r<u;r++)if(((n=i[r]).selected||r===o)&&!n.disabled&&(!n.parentNode.disabled||!A(n.parentNode,"optgroup"))){if(t=S(n).val(),a)return t;s.push(t)}return s},set:function(e,t){var n,r,i=e.options,o=S.makeArray(t),a=i.length;while(a--)((r=i[a]).selected=-1<S.inArray(S.valHooks.option.get(r),o))&&(n=!0);return n||(e.selectedIndex=-1),o}}}}),S.each(["radio","checkbox"],function(){S.valHooks[this]={set:function(e,t){if(Array.isArray(t))return e.checked=-1<S.inArray(S(e).val(),t)}},y.checkOn||(S.valHooks[this].get=function(e){return null===e.getAttribute("value")?"on":e.value})}),y.focusin="onfocusin"in C;var mt=/^(?:focusinfocus|focusoutblur)$/,xt=function(e){e.stopPropagation()};S.extend(S.event,{trigger:function(e,t,n,r){var i,o,a,s,u,l,c,f,p=[n||E],d=v.call(e,"type")?e.type:e,h=v.call(e,"namespace")?e.namespace.split("."):[];if(o=f=a=n=n||E,3!==n.nodeType&&8!==n.nodeType&&!mt.test(d+S.event.triggered)&&(-1<d.indexOf(".")&&(d=(h=d.split(".")).shift(),h.sort()),u=d.indexOf(":")<0&&"on"+d,(e=e[S.expando]?e:new S.Event(d,"object"==typeof e&&e)).isTrigger=r?2:3,e.namespace=h.join("."),e.rnamespace=e.namespace?new RegExp("(^|\\.)"+h.join("\\.(?:.*\\.|)")+"(\\.|$)"):null,e.result=void 0,e.target||(e.target=n),t=null==t?[e]:S.makeArray(t,[e]),c=S.event.special[d]||{},r||!c.trigger||!1!==c.trigger.apply(n,t))){if(!r&&!c.noBubble&&!x(n)){for(s=c.delegateType||d,mt.test(s+d)||(o=o.parentNode);o;o=o.parentNode)p.push(o),a=o;a===(n.ownerDocument||E)&&p.push(a.defaultView||a.parentWindow||C)}i=0;while((o=p[i++])&&!e.isPropagationStopped())f=o,e.type=1<i?s:c.bindType||d,(l=(Y.get(o,"events")||Object.create(null))[e.type]&&Y.get(o,"handle"))&&l.apply(o,t),(l=u&&o[u])&&l.apply&&V(o)&&(e.result=l.apply(o,t),!1===e.result&&e.preventDefault());return e.type=d,r||e.isDefaultPrevented()||c._default&&!1!==c._default.apply(p.pop(),t)||!V(n)||u&&m(n[d])&&!x(n)&&((a=n[u])&&(n[u]=null),S.event.triggered=d,e.isPropagationStopped()&&f.addEventListener(d,xt),n[d](),e.isPropagationStopped()&&f.removeEventListener(d,xt),S.event.triggered=void 0,a&&(n[u]=a)),e.result}},simulate:function(e,t,n){var r=S.extend(new S.Event,n,{type:e,isSimulated:!0});S.event.trigger(r,null,t)}}),S.fn.extend({trigger:function(e,t){return this.each(function(){S.event.trigger(e,t,this)})},triggerHandler:function(e,t){var n=this[0];if(n)return S.event.trigger(e,t,n,!0)}}),y.focusin||S.each({focus:"focusin",blur:"focusout"},function(n,r){var i=function(e){S.event.simulate(r,e.target,S.event.fix(e))};S.event.special[r]={setup:function(){var e=this.ownerDocument||this.document||this,t=Y.access(e,r);t||e.addEventListener(n,i,!0),Y.access(e,r,(t||0)+1)},teardown:function(){var e=this.ownerDocument||this.document||this,t=Y.access(e,r)-1;t?Y.access(e,r,t):(e.removeEventListener(n,i,!0),Y.remove(e,r))}}});var bt=C.location,wt={guid:Date.now()},Tt=/\?/;S.parseXML=function(e){var t,n;if(!e||"string"!=typeof e)return null;try{t=(new C.DOMParser).parseFromString(e,"text/xml")}catch(e){}return n=t&&t.getElementsByTagName("parsererror")[0],t&&!n||S.error("Invalid XML: "+(n?S.map(n.childNodes,function(e){return e.textContent}).join("\n"):e)),t};var Ct=/\[\]$/,Et=/\r?\n/g,St=/^(?:submit|button|image|reset|file)$/i,kt=/^(?:input|select|textarea|keygen)/i;function At(n,e,r,i){var t;if(Array.isArray(e))S.each(e,function(e,t){r||Ct.test(n)?i(n,t):At(n+"["+("object"==typeof t&&null!=t?e:"")+"]",t,r,i)});else if(r||"object"!==w(e))i(n,e);else for(t in e)At(n+"["+t+"]",e[t],r,i)}S.param=function(e,t){var n,r=[],i=function(e,t){var n=m(t)?t():t;r[r.length]=encodeURIComponent(e)+"="+encodeURIComponent(null==n?"":n)};if(null==e)return"";if(Array.isArray(e)||e.jquery&&!S.isPlainObject(e))S.each(e,function(){i(this.name,this.value)});else for(n in e)At(n,e[n],t,i);return r.join("&")},S.fn.extend({serialize:function(){return S.param(this.serializeArray())},serializeArray:function(){return this.map(function(){var e=S.prop(this,"elements");return e?S.makeArray(e):this}).filter(function(){var e=this.type;return this.name&&!S(this).is(":disabled")&&kt.test(this.nodeName)&&!St.test(e)&&(this.checked||!pe.test(e))}).map(function(e,t){var n=S(this).val();return null==n?null:Array.isArray(n)?S.map(n,function(e){return{name:t.name,value:e.replace(Et,"\r\n")}}):{name:t.name,value:n.replace(Et,"\r\n")}}).get()}});var Nt=/%20/g,jt=/#.*$/,Dt=/([?&])_=[^&]*/,qt=/^(.*?):[ \t]*([^\r\n]*)$/gm,Lt=/^(?:GET|HEAD)$/,Ht=/^\/\//,Ot={},Pt={},Rt="*/".concat("*"),Mt=E.createElement("a");function It(o){return function(e,t){"string"!=typeof e&&(t=e,e="*");var n,r=0,i=e.toLowerCase().match(P)||[];if(m(t))while(n=i[r++])"+"===n[0]?(n=n.slice(1)||"*",(o[n]=o[n]||[]).unshift(t)):(o[n]=o[n]||[]).push(t)}}function Wt(t,i,o,a){var s={},u=t===Pt;function l(e){var r;return s[e]=!0,S.each(t[e]||[],function(e,t){var n=t(i,o,a);return"string"!=typeof n||u||s[n]?u?!(r=n):void 0:(i.dataTypes.unshift(n),l(n),!1)}),r}return l(i.dataTypes[0])||!s["*"]&&l("*")}function Ft(e,t){var n,r,i=S.ajaxSettings.flatOptions||{};for(n in t)void 0!==t[n]&&((i[n]?e:r||(r={}))[n]=t[n]);return r&&S.extend(!0,e,r),e}Mt.href=bt.href,S.extend({active:0,lastModified:{},etag:{},ajaxSettings:{url:bt.href,type:"GET",isLocal:/^(?:about|app|app-storage|.+-extension|file|res|widget):$/.test(bt.protocol),global:!0,processData:!0,async:!0,contentType:"application/x-www-form-urlencoded; charset=UTF-8",accepts:{"*":Rt,text:"text/plain",html:"text/html",xml:"application/xml, text/xml",json:"application/json, text/javascript"},contents:{xml:/\bxml\b/,html:/\bhtml/,json:/\bjson\b/},responseFields:{xml:"responseXML",text:"responseText",json:"responseJSON"},converters:{"* text":String,"text html":!0,"text json":JSON.parse,"text xml":S.parseXML},flatOptions:{url:!0,context:!0}},ajaxSetup:function(e,t){return t?Ft(Ft(e,S.ajaxSettings),t):Ft(S.ajaxSettings,e)},ajaxPrefilter:It(Ot),ajaxTransport:It(Pt),ajax:function(e,t){"object"==typeof e&&(t=e,e=void 0),t=t||{};var c,f,p,n,d,r,h,g,i,o,v=S.ajaxSetup({},t),y=v.context||v,m=v.context&&(y.nodeType||y.jquery)?S(y):S.event,x=S.Deferred(),b=S.Callbacks("once memory"),w=v.statusCode||{},a={},s={},u="canceled",T={readyState:0,getResponseHeader:function(e){var t;if(h){if(!n){n={};while(t=qt.exec(p))n[t[1].toLowerCase()+" "]=(n[t[1].toLowerCase()+" "]||[]).concat(t[2])}t=n[e.toLowerCase()+" "]}return null==t?null:t.join(", ")},getAllResponseHeaders:function(){return h?p:null},setRequestHeader:function(e,t){return null==h&&(e=s[e.toLowerCase()]=s[e.toLowerCase()]||e,a[e]=t),this},overrideMimeType:function(e){return null==h&&(v.mimeType=e),this},statusCode:function(e){var t;if(e)if(h)T.always(e[T.status]);else for(t in e)w[t]=[w[t],e[t]];return this},abort:function(e){var t=e||u;return c&&c.abort(t),l(0,t),this}};if(x.promise(T),v.url=((e||v.url||bt.href)+"").replace(Ht,bt.protocol+"//"),v.type=t.method||t.type||v.method||v.type,v.dataTypes=(v.dataType||"*").toLowerCase().match(P)||[""],null==v.crossDomain){r=E.createElement("a");try{r.href=v.url,r.href=r.href,v.crossDomain=Mt.protocol+"//"+Mt.host!=r.protocol+"//"+r.host}catch(e){v.crossDomain=!0}}if(v.data&&v.processData&&"string"!=typeof v.data&&(v.data=S.param(v.data,v.traditional)),Wt(Ot,v,t,T),h)return T;for(i in(g=S.event&&v.global)&&0==S.active++&&S.event.trigger("ajaxStart"),v.type=v.type.toUpperCase(),v.hasContent=!Lt.test(v.type),f=v.url.replace(jt,""),v.hasContent?v.data&&v.processData&&0===(v.contentType||"").indexOf("application/x-www-form-urlencoded")&&(v.data=v.data.replace(Nt,"+")):(o=v.url.slice(f.length),v.data&&(v.processData||"string"==typeof v.data)&&(f+=(Tt.test(f)?"&":"?")+v.data,delete v.data),!1===v.cache&&(f=f.replace(Dt,"$1"),o=(Tt.test(f)?"&":"?")+"_="+wt.guid+++o),v.url=f+o),v.ifModified&&(S.lastModified[f]&&T.setRequestHeader("If-Modified-Since",S.lastModified[f]),S.etag[f]&&T.setRequestHeader("If-None-Match",S.etag[f])),(v.data&&v.hasContent&&!1!==v.contentType||t.contentType)&&T.setRequestHeader("Content-Type",v.contentType),T.setRequestHeader("Accept",v.dataTypes[0]&&v.accepts[v.dataTypes[0]]?v.accepts[v.dataTypes[0]]+("*"!==v.dataTypes[0]?", "+Rt+"; q=0.01":""):v.accepts["*"]),v.headers)T.setRequestHeader(i,v.headers[i]);if(v.beforeSend&&(!1===v.beforeSend.call(y,T,v)||h))return T.abort();if(u="abort",b.add(v.complete),T.done(v.success),T.fail(v.error),c=Wt(Pt,v,t,T)){if(T.readyState=1,g&&m.trigger("ajaxSend",[T,v]),h)return T;v.async&&0<v.timeout&&(d=C.setTimeout(function(){T.abort("timeout")},v.timeout));try{h=!1,c.send(a,l)}catch(e){if(h)throw e;l(-1,e)}}else l(-1,"No Transport");function l(e,t,n,r){var i,o,a,s,u,l=t;h||(h=!0,d&&C.clearTimeout(d),c=void 0,p=r||"",T.readyState=0<e?4:0,i=200<=e&&e<300||304===e,n&&(s=function(e,t,n){var r,i,o,a,s=e.contents,u=e.dataTypes;while("*"===u[0])u.shift(),void 0===r&&(r=e.mimeType||t.getResponseHeader("Content-Type"));if(r)for(i in s)if(s[i]&&s[i].test(r)){u.unshift(i);break}if(u[0]in n)o=u[0];else{for(i in n){if(!u[0]||e.converters[i+" "+u[0]]){o=i;break}a||(a=i)}o=o||a}if(o)return o!==u[0]&&u.unshift(o),n[o]}(v,T,n)),!i&&-1<S.inArray("script",v.dataTypes)&&S.inArray("json",v.dataTypes)<0&&(v.converters["text script"]=function(){}),s=function(e,t,n,r){var i,o,a,s,u,l={},c=e.dataTypes.slice();if(c[1])for(a in e.converters)l[a.toLowerCase()]=e.converters[a];o=c.shift();while(o)if(e.responseFields[o]&&(n[e.responseFields[o]]=t),!u&&r&&e.dataFilter&&(t=e.dataFilter(t,e.dataType)),u=o,o=c.shift())if("*"===o)o=u;else if("*"!==u&&u!==o){if(!(a=l[u+" "+o]||l["* "+o]))for(i in l)if((s=i.split(" "))[1]===o&&(a=l[u+" "+s[0]]||l["* "+s[0]])){!0===a?a=l[i]:!0!==l[i]&&(o=s[0],c.unshift(s[1]));break}if(!0!==a)if(a&&e["throws"])t=a(t);else try{t=a(t)}catch(e){return{state:"parsererror",error:a?e:"No conversion from "+u+" to "+o}}}return{state:"success",data:t}}(v,s,T,i),i?(v.ifModified&&((u=T.getResponseHeader("Last-Modified"))&&(S.lastModified[f]=u),(u=T.getResponseHeader("etag"))&&(S.etag[f]=u)),204===e||"HEAD"===v.type?l="nocontent":304===e?l="notmodified":(l=s.state,o=s.data,i=!(a=s.error))):(a=l,!e&&l||(l="error",e<0&&(e=0))),T.status=e,T.statusText=(t||l)+"",i?x.resolveWith(y,[o,l,T]):x.rejectWith(y,[T,l,a]),T.statusCode(w),w=void 0,g&&m.trigger(i?"ajaxSuccess":"ajaxError",[T,v,i?o:a]),b.fireWith(y,[T,l]),g&&(m.trigger("ajaxComplete",[T,v]),--S.active||S.event.trigger("ajaxStop")))}return T},getJSON:function(e,t,n){return S.get(e,t,n,"json")},getScript:function(e,t){return S.get(e,void 0,t,"script")}}),S.each(["get","post"],function(e,i){S[i]=function(e,t,n,r){return m(t)&&(r=r||n,n=t,t=void 0),S.ajax(S.extend({url:e,type:i,dataType:r,data:t,success:n},S.isPlainObject(e)&&e))}}),S.ajaxPrefilter(function(e){var t;for(t in e.headers)"content-type"===t.toLowerCase()&&(e.contentType=e.headers[t]||"")}),S._evalUrl=function(e,t,n){return S.ajax({url:e,type:"GET",dataType:"script",cache:!0,async:!1,global:!1,converters:{"text script":function(){}},dataFilter:function(e){S.globalEval(e,t,n)}})},S.fn.extend({wrapAll:function(e){var t;return this[0]&&(m(e)&&(e=e.call(this[0])),t=S(e,this[0].ownerDocument).eq(0).clone(!0),this[0].parentNode&&t.insertBefore(this[0]),t.map(function(){var e=this;while(e.firstElementChild)e=e.firstElementChild;return e}).append(this)),this},wrapInner:function(n){return m(n)?this.each(function(e){S(this).wrapInner(n.call(this,e))}):this.each(function(){var e=S(this),t=e.contents();t.length?t.wrapAll(n):e.append(n)})},wrap:function(t){var n=m(t);return this.each(function(e){S(this).wrapAll(n?t.call(this,e):t)})},unwrap:function(e){return this.parent(e).not("body").each(function(){S(this).replaceWith(this.childNodes)}),this}}),S.expr.pseudos.hidden=function(e){return!S.expr.pseudos.visible(e)},S.expr.pseudos.visible=function(e){return!!(e.offsetWidth||e.offsetHeight||e.getClientRects().length)},S.ajaxSettings.xhr=function(){try{return new C.XMLHttpRequest}catch(e){}};var Bt={0:200,1223:204},$t=S.ajaxSettings.xhr();y.cors=!!$t&&"withCredentials"in $t,y.ajax=$t=!!$t,S.ajaxTransport(function(i){var o,a;if(y.cors||$t&&!i.crossDomain)return{send:function(e,t){var n,r=i.xhr();if(r.open(i.type,i.url,i.async,i.username,i.password),i.xhrFields)for(n in i.xhrFields)r[n]=i.xhrFields[n];for(n in i.mimeType&&r.overrideMimeType&&r.overrideMimeType(i.mimeType),i.crossDomain||e["X-Requested-With"]||(e["X-Requested-With"]="XMLHttpRequest"),e)r.setRequestHeader(n,e[n]);o=function(e){return function(){o&&(o=a=r.onload=r.onerror=r.onabort=r.ontimeout=r.onreadystatechange=null,"abort"===e?r.abort():"error"===e?"number"!=typeof r.status?t(0,"error"):t(r.status,r.statusText):t(Bt[r.status]||r.status,r.statusText,"text"!==(r.responseType||"text")||"string"!=typeof r.responseText?{binary:r.response}:{text:r.responseText},r.getAllResponseHeaders()))}},r.onload=o(),a=r.onerror=r.ontimeout=o("error"),void 0!==r.onabort?r.onabort=a:r.onreadystatechange=function(){4===r.readyState&&C.setTimeout(function(){o&&a()})},o=o("abort");try{r.send(i.hasContent&&i.data||null)}catch(e){if(o)throw e}},abort:function(){o&&o()}}}),S.ajaxPrefilter(function(e){e.crossDomain&&(e.contents.script=!1)}),S.ajaxSetup({accepts:{script:"text/javascript, application/javascript, application/ecmascript, application/x-ecmascript"},contents:{script:/\b(?:java|ecma)script\b/},converters:{"text script":function(e){return S.globalEval(e),e}}}),S.ajaxPrefilter("script",function(e){void 0===e.cache&&(e.cache=!1),e.crossDomain&&(e.type="GET")}),S.ajaxTransport("script",function(n){var r,i;if(n.crossDomain||n.scriptAttrs)return{send:function(e,t){r=S("<script>").attr(n.scriptAttrs||{}).prop({charset:n.scriptCharset,src:n.url}).on("load error",i=function(e){r.remove(),i=null,e&&t("error"===e.type?404:200,e.type)}),E.head.appendChild(r[0])},abort:function(){i&&i()}}});var _t,zt=[],Ut=/(=)\?(?=&|$)|\?\?/;S.ajaxSetup({jsonp:"callback",jsonpCallback:function(){var e=zt.pop()||S.expando+"_"+wt.guid++;return this[e]=!0,e}}),S.ajaxPrefilter("json jsonp",function(e,t,n){var r,i,o,a=!1!==e.jsonp&&(Ut.test(e.url)?"url":"string"==typeof e.data&&0===(e.contentType||"").indexOf("application/x-www-form-urlencoded")&&Ut.test(e.data)&&"data");if(a||"jsonp"===e.dataTypes[0])return r=e.jsonpCallback=m(e.jsonpCallback)?e.jsonpCallback():e.jsonpCallback,a?e[a]=e[a].replace(Ut,"$1"+r):!1!==e.jsonp&&(e.url+=(Tt.test(e.url)?"&":"?")+e.jsonp+"="+r),e.converters["script json"]=function(){return o||S.error(r+" was not called"),o[0]},e.dataTypes[0]="json",i=C[r],C[r]=function(){o=arguments},n.always(function(){void 0===i?S(C).removeProp(r):C[r]=i,e[r]&&(e.jsonpCallback=t.jsonpCallback,zt.push(r)),o&&m(i)&&i(o[0]),o=i=void 0}),"script"}),y.createHTMLDocument=((_t=E.implementation.createHTMLDocument("").body).innerHTML="<form></form><form></form>",2===_t.childNodes.length),S.parseHTML=function(e,t,n){return"string"!=typeof e?[]:("boolean"==typeof t&&(n=t,t=!1),t||(y.createHTMLDocument?((r=(t=E.implementation.createHTMLDocument("")).createElement("base")).href=E.location.href,t.head.appendChild(r)):t=E),o=!n&&[],(i=N.exec(e))?[t.createElement(i[1])]:(i=xe([e],t,o),o&&o.length&&S(o).remove(),S.merge([],i.childNodes)));var r,i,o},S.fn.load=function(e,t,n){var r,i,o,a=this,s=e.indexOf(" ");return-1<s&&(r=ht(e.slice(s)),e=e.slice(0,s)),m(t)?(n=t,t=void 0):t&&"object"==typeof t&&(i="POST"),0<a.length&&S.ajax({url:e,type:i||"GET",dataType:"html",data:t}).done(function(e){o=arguments,a.html(r?S("<div>").append(S.parseHTML(e)).find(r):e)}).always(n&&function(e,t){a.each(function(){n.apply(this,o||[e.responseText,t,e])})}),this},S.expr.pseudos.animated=function(t){return S.grep(S.timers,function(e){return t===e.elem}).length},S.offset={setOffset:function(e,t,n){var r,i,o,a,s,u,l=S.css(e,"position"),c=S(e),f={};"static"===l&&(e.style.position="relative"),s=c.offset(),o=S.css(e,"top"),u=S.css(e,"left"),("absolute"===l||"fixed"===l)&&-1<(o+u).indexOf("auto")?(a=(r=c.position()).top,i=r.left):(a=parseFloat(o)||0,i=parseFloat(u)||0),m(t)&&(t=t.call(e,n,S.extend({},s))),null!=t.top&&(f.top=t.top-s.top+a),null!=t.left&&(f.left=t.left-s.left+i),"using"in t?t.using.call(e,f):c.css(f)}},S.fn.extend({offset:function(t){if(arguments.length)return void 0===t?this:this.each(function(e){S.offset.setOffset(this,t,e)});var e,n,r=this[0];return r?r.getClientRects().length?(e=r.getBoundingClientRect(),n=r.ownerDocument.defaultView,{top:e.top+n.pageYOffset,left:e.left+n.pageXOffset}):{top:0,left:0}:void 0},position:function(){if(this[0]){var e,t,n,r=this[0],i={top:0,left:0};if("fixed"===S.css(r,"position"))t=r.getBoundingClientRect();else{t=this.offset(),n=r.ownerDocument,e=r.offsetParent||n.documentElement;while(e&&(e===n.body||e===n.documentElement)&&"static"===S.css(e,"position"))e=e.parentNode;e&&e!==r&&1===e.nodeType&&((i=S(e).offset()).top+=S.css(e,"borderTopWidth",!0),i.left+=S.css(e,"borderLeftWidth",!0))}return{top:t.top-i.top-S.css(r,"marginTop",!0),left:t.left-i.left-S.css(r,"marginLeft",!0)}}},offsetParent:function(){return this.map(function(){var e=this.offsetParent;while(e&&"static"===S.css(e,"position"))e=e.offsetParent;return e||re})}}),S.each({scrollLeft:"pageXOffset",scrollTop:"pageYOffset"},function(t,i){var o="pageYOffset"===i;S.fn[t]=function(e){return $(this,function(e,t,n){var r;if(x(e)?r=e:9===e.nodeType&&(r=e.defaultView),void 0===n)return r?r[i]:e[t];r?r.scrollTo(o?r.pageXOffset:n,o?n:r.pageYOffset):e[t]=n},t,e,arguments.length)}}),S.each(["top","left"],function(e,n){S.cssHooks[n]=Fe(y.pixelPosition,function(e,t){if(t)return t=We(e,n),Pe.test(t)?S(e).position()[n]+"px":t})}),S.each({Height:"height",Width:"width"},function(a,s){S.each({padding:"inner"+a,content:s,"":"outer"+a},function(r,o){S.fn[o]=function(e,t){var n=arguments.length&&(r||"boolean"!=typeof e),i=r||(!0===e||!0===t?"margin":"border");return $(this,function(e,t,n){var r;return x(e)?0===o.indexOf("outer")?e["inner"+a]:e.document.documentElement["client"+a]:9===e.nodeType?(r=e.documentElement,Math.max(e.body["scroll"+a],r["scroll"+a],e.body["offset"+a],r["offset"+a],r["client"+a])):void 0===n?S.css(e,t,i):S.style(e,t,n,i)},s,n?e:void 0,n)}})}),S.each(["ajaxStart","ajaxStop","ajaxComplete","ajaxError","ajaxSuccess","ajaxSend"],function(e,t){S.fn[t]=function(e){return this.on(t,e)}}),S.fn.extend({bind:function(e,t,n){return this.on(e,null,t,n)},unbind:function(e,t){return this.off(e,null,t)},delegate:function(e,t,n,r){return this.on(t,e,n,r)},undelegate:function(e,t,n){return 1===arguments.length?this.off(e,"**"):this.off(t,e||"**",n)},hover:function(e,t){return this.mouseenter(e).mouseleave(t||e)}}),S.each("blur focus focusin focusout resize scroll click dblclick mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave change select submit keydown keypress keyup contextmenu".split(" "),function(e,n){S.fn[n]=function(e,t){return 0<arguments.length?this.on(n,null,e,t):this.trigger(n)}});var Xt=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g;S.proxy=function(e,t){var n,r,i;if("string"==typeof t&&(n=e[t],t=e,e=n),m(e))return r=s.call(arguments,2),(i=function(){return e.apply(t||this,r.concat(s.call(arguments)))}).guid=e.guid=e.guid||S.guid++,i},S.holdReady=function(e){e?S.readyWait++:S.ready(!0)},S.isArray=Array.isArray,S.parseJSON=JSON.parse,S.nodeName=A,S.isFunction=m,S.isWindow=x,S.camelCase=X,S.type=w,S.now=Date.now,S.isNumeric=function(e){var t=S.type(e);return("number"===t||"string"===t)&&!isNaN(e-parseFloat(e))},S.trim=function(e){return null==e?"":(e+"").replace(Xt,"")},"function"==typeof define&&define.amd&&define("jquery",[],function(){return S});var Vt=C.jQuery,Gt=C.$;return S.noConflict=function(e){return C.$===S&&(C.$=Gt),e&&C.jQuery===S&&(C.jQuery=Vt),S},"undefined"==typeof e&&(C.jQuery=C.$=S),S});
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/edit-webapp/css/logout.css b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/edit-webapp/css/logout.css
deleted file mode 100644
index 5cd06c1..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/edit-webapp/css/logout.css
+++ /dev/null
@@ -1,20 +0,0 @@
-/* Success/Failure indicators for logout propagation. */
-ol li:before {
- content: ''
-}
-li.logout {
- line-height: 36px;
- padding-left: 36px;
-}
-li.logout.success {
- background: url(../images/success-32x32.png) no-repeat left center;
-}
-li.logout.failure {
- background: url(../images/failure-32x32.png) no-repeat left center;
-}
-li.logout.pending{
-
-}
-li.logout.na {
- background: url(../images/failure-32x32.png) no-repeat left center;
-}
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/edit-webapp/css/placeholder.css b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/edit-webapp/css/placeholder.css
deleted file mode 100644
index c1dbe1c..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/edit-webapp/css/placeholder.css
+++ /dev/null
@@ -1,802 +0,0 @@
-/* Colours pallet
-
-To change the colours, use find and replace with the values below:
-
- #ECEFF1 - Body background, header / section border, read only / disabled input fields.
-
- #1534E3 - Links, buttons, list items, selected radio, selected checkbox.
-
- #1A237E - Hover buttons.
-
- #32424A - Body text, input fields border.
-
- #7A2D00 - Output message.
-
- #B50024 - Error messages / fields.
-
- #1C7D40 - Success messages / fields.
-
- #999999 - read only / disabled input fields.
-
-*/
-
-html, html * {
- margin: 0;
- padding: 0;
- border: 0;
- font-size: 100%;
- font: inherit;
- vertical-align: baseline;
- box-sizing: border-box;
- background: none;
- background-repeat: no-repeat;
- background-position: left top;
- border: 0;
- outline: 0;
-}
-
-html {
- height: 100%;
-}
-
-/* HTML5 display-role reset for older browsers */
-article, aside, details, figcaption, figure, footer, header, hgroup, menu, nav, section, main {
- display: block;
-}
-
-/* Default document styles - fonts, font sizes, text colours, font weight */
-body {
- font-family: Segoe UI, Helvetica, Arial, sans-serif, Apple Color Emoji, Segoe UI Emoji, Segoe UI Symbol;
- font-size: 16px;
- font-size: 1rem;
- line-height: 24px;
- line-height: 1.5rem;
- color: #32424a;
- font-weight: 400;
- max-width: 3000px;
- margin: 0 auto;
- background-color: #eceff1;
- padding: 24px;
-}
-
-/* Links */
-a[href] {
- text-decoration: none;
- color: #1534e3;
-}
-
-/* Link hover states */
-a[href]:hover, a[href]:active, a[href]:focus {
- text-decoration: underline;
- color: #1534e3;
-}
-
-/* Heading styles */
-h1 {
- font-size: 24px;
- font-size: 1.5rem;
- line-height: 28px;
- line-height: 1.75rem;
- font-weight: 700;
-}
-
-h2 {
- font-size: 20px;
- font-size: 1.25rem;
- line-height: 25px;
- line-height: 1.5rem;
- font-weight: 400;
-}
-
-h3 {
- font-size: 16px;
- font-size: 1rem;
- line-height: 22px;
- line-height: 1.375rem;
- font-weight: 700;
-}
-
-h4 {
- font-size: 14px;
- font-size: 0.875rem;
- line-height: 18px;
- line-height: 1.125rem;
- font-weight: 700;
- margin-bottom: 0.5em;
-}
-
-h5 {
- font-size: 14px;
- font-size: 0.875rem;
- line-height: 18px;
- line-height: 1.125rem;
- font-weight: 400;
-}
-
-h1, h2, h3, h4, h5, h6, p {
- margin-bottom: 1em;
-}
-
-h1:last-child, h2:last-child, h3:last-child, h4:last-child, h5:last-child, h6:last-child, p:last-child {
- margin-bottom: 0px;
-}
-
-/* List styles */
-ol, ul {
- list-style: none;
- margin: 20px 0;
-}
-
-ol:before, ol:after,
-ul:before, ul:after {
- content: " ";
- display: table;
-}
-
-ol:after,
-ul:after {
- clear: both;
-}
-
-ol:last-child,
-ul:last-child {
- margin-bottom: 0px;
-}
-
-ol:first-child,
-ul:first-child {
- margin-top: 0px;
-}
-
-ul li {
- padding-left: 22px;
- margin-bottom: 4px;
- position: relative;
- list-style: none;
-}
-
-ul li:last-child {
- margin-bottom: 0px;
-}
-
-ul li:before {
- content: '';
- -webkit-border-radius: 2px;
- -ms-border-radius: 2px;
- -moz-border-radius: 2px;
- -o-border-radius: 2px;
- border-radius: 2px;
- background-color: #1534e3;
- height: 7px;
- width: 7px;
- display: block;
- position: absolute;
- left: 0;
- top: 7px;
-}
-
-ol {
- counter-reset: item;
-}
-
-ol li {
- padding-left: 22px;
- margin-bottom: 10px;
- position: relative;
- list-style: none;
-}
-
-ol li:last-child {
- margin-bottom: 0px;
-}
-
-ol li:before {
- color: #1534e3;
- position: absolute;
- left: 0;
- content: counter(item) ". ";
- counter-increment: item;
- font-weight: 700;
- top: 1px;
-}
-
-ol li:nth-child(n+10) {
- padding-left: 30px;
-}
-
-ol li:nth-child(n+100) {
- padding-left: 38px;
-}
-
-hr {
- width: 100%;
- clear: both;
- border: 0;
- outline: 0;
- background-color: #eceff1;
- height: 1px;
- display: block;
- margin: 30px 0;
-}
-
-b, strong {
- font-weight: 700;
-}
-
-i, em {
- font-style: italic;
-}
-
-small {
- font-size: 0.8em;
-}
-
-big {
- font-size: 1.2em;
-}
-
-.cc {
- clear: both;
- margin: 0 auto;
- width: 100%;
- max-width: 649px;
- padding: 0 0;
-}
-
-.cc:before, .cc:after {
- content: " ";
- display: table;
-}
-
-.cc:after {
- clear: both;
-}
-
-img {
- max-width: 100%;
- height: auto;
-}
-
-/* Main content area */
-main {
- clear: both;
- margin: 0 auto;
- width: 100%;
- max-width: 800px;
- background-color: #fff;
- -webkit-border-radius: 8px;
- -ms-border-radius: 8px;
- -moz-border-radius: 8px;
- -o-border-radius: 8px;
- border-radius: 8px;
- -webkit-box-shadow: 0px 0px 10px 0px rgba(38, 50, 56, 0.11);
- -ms-box-shadow: 0px 0px 10px 0px rgba(38, 50, 56, 0.11);
- -moz-box-shadow: 0px 0px 10px 0px rgba(38, 50, 56, 0.11);
- -o-box-shadow: 0px 0px 10px 0px rgba(38, 50, 56, 0.11);
- box-shadow: 0px 0px 10px 0px rgba(38, 50, 56, 0.11);
-}
-
-/* Add a border top when 2 sections are together */
-main section + section {
- border-top: 1px solid #eceff1;
-}
-
-/* Header */
-header {
- display: block; /* Change to display: none to hide */
- border-bottom: 1px solid #eceff1;
- text-align: center;
- padding: 6% 8%;
-}
-
-header .main-logo {
- display: block;
- margin: 0 auto;
-}
-
-.service-logo {
- display: block;
- margin: 24px 0;
-}
-
-section {
- padding: 4% 8% 4% 8%;
-}
-
-/* Output Messages */
-.output-message {
- font-size: 14px;
- font-size: 0.875rem;
- line-height: 18px;
- line-height: 1.125rem;
- font-style: italic;
- -webkit-border-radius: 4px;
- -ms-border-radius: 4px;
- -moz-border-radius: 4px;
- -o-border-radius: 4px;
- border-radius: 4px;
- background-color: #FFD8C2;
- display: block;
- padding: 4%;
- margin-bottom: 20px;
- color: #7A2D00;
-}
-
-.output-message:last-child {
- margin-bottom: 0px;
-}
-
-/* Output Message Success */
-.output-message.output--success {
- background-color: #DCF9E7;
- color: #1C7D40;
-}
-
-/* Output Message Error */
-.output-message.output--error {
- background-color: #FFF0F3;
- color: #B50024;
-}
-
-.boxed {
- -webkit-border-radius: 4px;
- -ms-border-radius: 4px;
- -moz-border-radius: 4px;
- -o-border-radius: 4px;
- border-radius: 4px;
- -webkit-box-shadow: 0px 0px 10px 0px rgba(38, 50, 56, 0.11);
- -ms-box-shadow: 0px 0px 10px 0px rgba(38, 50, 56, 0.11);
- -moz-box-shadow: 0px 0px 10px 0px rgba(38, 50, 56, 0.11);
- -o-box-shadow: 0px 0px 10px 0px rgba(38, 50, 56, 0.11);
- box-shadow: 0px 0px 10px 0px rgba(38, 50, 56, 0.11);
- background-color: #fff;
- padding: 6%;
- margin: 30px 0;
-}
-
-.boxed:last-child {
- margin-bottom: 0px;
-}
-
-.boxed:first-child {
- margin-top: 0px;
-}
-
-/* Footer style */
-footer {
- z-index: 1;
- position: relative;
- text-align: center;
- margin-top: 20px;
- font-size: 12px;
- font-size: 0.75rem;
- line-height: 16px;
- line-height: 1rem;
-}
-
-/* Forms styles */
-fieldset {
- display: block;
- margin-bottom: 20px;
-}
-
-fieldset:last-child {
- margin-bottom: 0px;
-}
-
-fieldset .field-validation {
- display: block;
- margin-top: 10px;
-}
-
-fieldset .error {
- color: #B50024;
-}
-
-fieldset legend span {
- display: block;
- text-indent: 100%;
- white-space: nowrap;
- overflow: hidden;
- height: 0;
-}
-
-/* Form labels */
-label {
- vertical-align: top;
- font-size: 14px;
- font-size: 0.875rem;
- line-height: 18px;
- line-height: 1.125rem;
- font-weight: 700;
- display: block;
- color: #32424a;
- margin-bottom: 6px;
-}
-
-label:focus {
- color: #1534E3;
-}
-
-/* Form input fields */
-input[type="text"],
-input[type="email"],
-input[type="password"],
-input[type="telephone"],
-input[type="tel"],
-input[type="url"],
-textarea,
-select {
- background-color: #fff;
- border: 2px solid #32424a;
- -webkit-transition: all 0.3s ease-in-out;
- -moz-transition: all 0.3s ease-in-out;
- -ms-transition: all 0.3s ease-in-out;
- -o-transition: all 0.3s ease-in-out;
- transition: all 0.3s ease-in-out;
- color: #32424a;
- padding: 13px 20px;
- display: block;
- width: 100%;
- -webkit-appearance: none;
- -ms-appearance: none;
- -moz-appearance: none;
- -o-appearance: none;
- appearance: none;
- -webkit-border-radius: 4px;
- -ms-border-radius: 4px;
- -moz-border-radius: 4px;
- -o-border-radius: 4px;
- border-radius: 4px;
-}
-
-/* Form input focus */
-input[type="text"]:focus,
-input[type="email"]:focus,
-input[type="password"]:focus,
-input[type="telephone"]:focus,
-input[type="tel"]:focus,
-input[type="url"]:focus,
-textarea:focus,
-select:focus,
-input[type="text"]:active,
-input[type="email"]:active,
-input[type="password"]:active,
-input[type="telephone"]:active,
-input[type="tel"]:active,
-input[type="url"]:active,
-textarea:active,
-select:active {
- border-color: #1534e3;
- background-color: #fff;
-}
-
-/* Form input errors */
-input[type="text"].error,
-input[type="email"].error,
-input[type="password"].error,
-input[type="telephone"].error,
-input[type="tel"].error,
-input[type="url"].error,
-textarea.error,
-select.error {
- border-color: #B50024;
-}
-
-/* Form input read only / disabled */
-input[type="text"]:read-only,
-input[type="email"]:read-only,
-input[type="password"]:read-only,
-input[type="telephone"]:read-only,
-input[type="tel"]:read-only,
-input[type="url"]:read-only,
-textarea:read-only,
-select:read-only,
-input[type="text"]:disabled,
-input[type="email"]:disabled,
-input[type="password"]:disabled,
-input[type="telephone"]:disabled,
-input[type="tel"]:disabled,
-input[type="url"]:disabled,
-textarea:disabled,
-select:disabled {
- background-color: #ECEFF1;
- pointer-events: none;
-}
-
-/* Text areas */
-textarea {
- height: 124px;
- resize: none;
-}
-
-
-/* Dropdowns */
-select {
- -webkit-appearance: auto;
- -ms-appearance: auto;
- -moz-appearance: auto;
- -o-appearance: auto;
- appearance: auto;
-}
-
-select:read-only {
- background-color: #fff;
- pointer-events: unset;
-}
-
-select::-ms-expand {
- display: none;
-}
-
-/* Checkboxes / Radio buttons */
-input[type="checkbox"], input[type="radio"] {
- position : absolute;
- opacity: 0;
- height: 0;
- width: 0;
-}
-
-input[type="checkbox"] + label, input[type="radio"] + label {
- display: block;
- font-weight: 400;
- font-size: 16px;
- font-size: 1rem;
- line-height: 24px;
- line-height: 1.5rem;
- cursor: pointer;
- position: relative;
- padding-left: 30px;
- padding-top: 3px;
- margin-bottom: 4px;
- margin-right: 12px;
- display: inline-block;
-}
-
-input[type="checkbox"] + label:before, input[type="radio"] + label:before {
- content: "";
- position: absolute;
- top: 2px;
- left: 0;
- height: 20px;
- width: 20px;
- background-color: #fff;
- border: 2px solid #32424a;
- -webkit-transition: all 0.2s ease-out;
- -ms-transition: all 0.2s ease-out;
- -moz-transition: all 0.2s ease-out;
- -o-transition: all 0.2s ease-out;
- transition: all 0.2s ease-out;
-}
-
-input[type="checkbox"] + label:after, input[type="radio"] + label:after {
- content: "";
- position: absolute;
- -webkit-transform: rotate(45deg);
- -ms-transform: rotate(45deg);
- -moz-transform: rotate(45deg);
- -o-transform: rotate(45deg);
- transform: rotate(45deg);
- display: none;
-}
-
-input[type="checkbox"]:checked + label, input[type="radio"]:checked + label,
-input[type="checkbox"]:focus + label, input[type="radio"]:focus + label {
- color: #1534e3;
-}
-
-input[type="checkbox"]:checked + label:before, input[type="radio"]:checked + label:before,
-input[type="checkbox"]:focus + label:before, input[type="radio"]:focus + label:before {
- border-color: #1534e3;
-}
-
-input[type="checkbox"]:checked + label:after, input[type="radio"]:checked + label:after {
- display: block;
-}
-
-input[type="checkbox"] + label:before {
- -webkit-border-radius: 4px;
- -ms-border-radius: 4px;
- -moz-border-radius: 4px;
- -o-border-radius: 4px;
- border-radius: 4px;
-}
-
-input[type="checkbox"] + label:after {
- left: 8px;
- top: 5px;
- width: 4px;
- height: 10px;
- border: solid #1534e3;
- border-width: 0 4px 4px 0;
-}
-
-input[type="radio"] + label:before {
- -webkit-border-radius: 100%;
- -ms-border-radius: 100%;
- -moz-border-radius: 100%;
- -o-border-radius: 100%;
- border-radius: 100%;
-}
-
-input[type="radio"] + label:after {
- background-color: #1534e3;
- height: 12px;
- width: 12px;
- -webkit-border-radius: 100%;
- -ms-border-radius: 100%;
- -moz-border-radius: 100%;
- -o-border-radius: 100%;
- border-radius: 100%;
- left: 6px;
- top: 8px;
-}
-
-/* Buttons / Submit buttons */
-button, input[type=button],
-input[type=submit],
-a.button,
-.button {
- display: inline-block;
- text-align: center;
- background-color: #1534e3;
- border: 4px solid #1534e3;
- font-weight: 700;
- padding: 11px 74px;
- cursor: pointer;
- color: #fff;
- -webkit-appearance: none;
- -ms-appearance: none;
- -moz-appearance: none;
- -o-appearance: none;
- appearance: none;
- -webkit-border-radius: 4px;
- -ms-border-radius: 4px;
- -moz-border-radius: 4px;
- -o-border-radius: 4px;
- border-radius: 4px;
- -webkit-transition: all 0.2s ease-out;
- -ms-transition: all 0.2s ease-out;
- -moz-transition: all 0.2s ease-out;
- -o-transition: all 0.2s ease-out;
- transition: all 0.2s ease-out;
-}
-
-/* Button hover & focus states */
-button:hover,
-input[type=button]:hover,
-input[type=submit]:hover,
-a.button:hover,
-.button:hover,
-button:focus,
-input[type=button]:focus,
-input[type=submit]:focus,
-a.button:focus,
-.button:focus {
- background: #1a237e;
- color: #fff !important;
- text-decoration: none !important;
- border-color: #1a237e;
-}
-
-/* Secondary button styles */
-button.button--secondary,
-input[type=button].button--secondary,
-input[type=submit].button--secondary,
-a.button.button--secondary,
-.button.button--secondary {
- background-color: transparent;
- border-color: #1534e3;
- color: #1534e3;
-}
-
-/* Secondary button hover & focus states */
-button.button--secondary:hover,
-input[type=button].button--secondary:hover,
-input[type=submit].button--secondary:hover,
-a.button.button--secondary:hover,
-.button.button--secondary:hover,
-button.button--secondary:focus,
-input[type=button].button--secondary:focus,
-input[type=submit].button--secondary:focus,
-a.button.button--secondary:focus,
-.button.button--secondary:focus {
- background: #1a237e;
- border-color: #1a237e;
-}
-
-/* Secondary button disabled states */
-button.button--secondary:disabled,
-input[type=button].button--secondary:disabled,
-input[type=submit].button--secondary:disabled,
-a.button.button--secondary:disabled,
-.button.button--secondary:disabled {
- background-color: transparent;
- color: #999999;
-}
-
-/* Full width buttons */
-button.button--full,
-input[type=button].button--full,
-input[type=submit].button--full,
-a.button.button--full,
-.button.button--full {
- width: 100%;
- padding-left: 30px;
- padding-right: 30px;
-}
-
-/* Button disabled states */
-button:disabled,
-input[type=button]:disabled,
-input[type=submit]:disabled,
-a.button:disabled,
-.button:disabled {
- pointer-events: none;
- background-color: #999999;
- border-color: #999999;
-}
-
-/* Placeholder styles */
-::-webkit-input-placeholder {
- color: #a9b0b4;
-}
-
-:-moz-placeholder {
- color: #a9b0b4;
-}
-
-::-moz-placeholder {
- color: #a9b0b4;
-}
-
-:-ms-input-placeholder {
- color: #a9b0b4;
-}
-
-.grid {
- margin-top: 12px;
-}
-
-/* Grid (used for 2 columns) */
-.grid:before, .grid:after {
- content: " ";
- display: table;
-}
-
-.grid:after {
- clear: both;
-}
-
-.grid > .grid-item {
- margin-bottom: 18px;
- min-height: 1px;
- width: 100%;
-}
-
-.grid:last-child > .item:last-child {
- margin-bottom: 0px;
-}
-
-@media screen and (min-width: 760px) {
-
- .grid.md-2 > .grid-item {
- float: left;
- width: 48.34436%;
- margin-right: 3.31126%;
- }
-
- .grid.md-2 > .grid-item:nth-child(n), .grid.md-2 > .grid-item:nth-of-type(n) {
- margin-right: 3.31126%;
- clear: none;
- }
-
- .grid.md-2 > .grid-item:nth-child(2n) {
- margin-right: 0;
- }
-
- .grid.md-2 > .grid-item:nth-child(2n+1) {
- clear: both;
- }
-
-}
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/edit-webapp/images/failure-32x32.png b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/edit-webapp/images/failure-32x32.png
deleted file mode 100644
index 3c48e46..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/edit-webapp/images/failure-32x32.png and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/edit-webapp/images/placeholder-logo.png b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/edit-webapp/images/placeholder-logo.png
deleted file mode 100644
index f5807ed..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/edit-webapp/images/placeholder-logo.png and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/edit-webapp/images/success-32x32.png b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/edit-webapp/images/success-32x32.png
deleted file mode 100644
index aa51204..0000000
Binary files a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/edit-webapp/images/success-32x32.png and /dev/null differ
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/flows/authn/conditions/account-locked/account-locked-flow.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/flows/authn/conditions/account-locked/account-locked-flow.xml
deleted file mode 100644
index 5fe7523..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/flows/authn/conditions/account-locked/account-locked-flow.xml
+++ /dev/null
@@ -1,16 +0,0 @@
-<flow xmlns="http://www.springframework.org/schema/webflow"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/webflow http://www.springframework.org/schema/webflow/spring-webflow.xsd">
-
- <!-- This is a placeholder flow that does nothing out of the box but reserves a subflow ID. -->
-
- <!-- Rudimentary impediment to direct execution of subflow. -->
- <input name="calledAsSubflow" type="boolean" required="true" />
-
- <on-start>
- <evaluate expression="'proceed'" />
- </on-start>
-
- <end-state id="proceed" />
-
-</flow>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/flows/authn/conditions/conditions-flow.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/flows/authn/conditions/conditions-flow.xml
deleted file mode 100644
index 53c4994..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/flows/authn/conditions/conditions-flow.xml
+++ /dev/null
@@ -1,35 +0,0 @@
-<flow xmlns="http://www.springframework.org/schema/webflow"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/webflow http://www.springframework.org/schema/webflow/spring-webflow.xsd"
- abstract="true">
-
- <!-- Rudimentary impediment to direct execution of subflow. -->
- <input name="calledAsSubflow" type="boolean" required="true" />
-
- <action-state id="ValidateUsernamePassword">
-
- <!-- Call outs for exceptional conditions. -->
- <transition on="AccountWarning" to="CallExpiringPassword" />
- <transition on="ExpiringPassword" to="CallExpiringPassword" />
- <transition on="ExpiredPassword" to="CallExpiredPassword" />
- <transition on="AccountLocked" to="CallAccountLocked" />
-
- <transition to="DisplayUsernamePasswordPage" />
- </action-state>
-
- <subflow-state id="CallExpiringPassword" subflow="authn/conditions/expiring-password">
- <input name="calledAsSubflow" value="true" />
- <transition on="proceed" to="ContinueSuccessfulAuthentication" />
- </subflow-state>
-
- <subflow-state id="CallExpiredPassword" subflow="authn/conditions/expired-password">
- <input name="calledAsSubflow" value="true" />
- <transition on="proceed" to="DisplayUsernamePasswordPage" />
- </subflow-state>
-
- <subflow-state id="CallAccountLocked" subflow="authn/conditions/account-locked">
- <input name="calledAsSubflow" value="true" />
- <transition on="proceed" to="DisplayUsernamePasswordPage" />
- </subflow-state>
-
-</flow>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/flows/authn/conditions/expired-password/expired-password-flow.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/flows/authn/conditions/expired-password/expired-password-flow.xml
deleted file mode 100644
index 5fe7523..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/flows/authn/conditions/expired-password/expired-password-flow.xml
+++ /dev/null
@@ -1,16 +0,0 @@
-<flow xmlns="http://www.springframework.org/schema/webflow"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/webflow http://www.springframework.org/schema/webflow/spring-webflow.xsd">
-
- <!-- This is a placeholder flow that does nothing out of the box but reserves a subflow ID. -->
-
- <!-- Rudimentary impediment to direct execution of subflow. -->
- <input name="calledAsSubflow" type="boolean" required="true" />
-
- <on-start>
- <evaluate expression="'proceed'" />
- </on-start>
-
- <end-state id="proceed" />
-
-</flow>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/flows/authn/conditions/expiring-password/expiring-password-flow.xml b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/flows/authn/conditions/expiring-password/expiring-password-flow.xml
deleted file mode 100644
index 75bb86a..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/flows/authn/conditions/expiring-password/expiring-password-flow.xml
+++ /dev/null
@@ -1,33 +0,0 @@
-<flow xmlns="http://www.springframework.org/schema/webflow"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/webflow http://www.springframework.org/schema/webflow/spring-webflow.xsd">
-
- <!--
- This is an example flow that displays a view template in response to an expiring password.
- The view might display a pointer to the password change portal while automatically continuing
- after a few seconds.
- -->
-
- <!-- Rudimentary impediment to direct execution of subflow. -->
- <input name="calledAsSubflow" type="boolean" required="true" />
-
- <view-state id="ExpiringPassword" view="intercept/expiring-password">
- <attribute name="csrf_excluded" value="true" type="boolean"/>
- <on-render>
- <evaluate expression="environment" result="viewScope.environment" />
- <evaluate expression="opensamlProfileRequestContext" result="viewScope.profileRequestContext" />
- <evaluate expression="opensamlProfileRequestContext.getSubcontext(T(net.shibboleth.idp.authn.context.AuthenticationContext))" result="viewScope.authenticationContext" />
- <evaluate expression="authenticationContext.getSubcontext(T(net.shibboleth.idp.authn.context.AuthenticationErrorContext))" result="viewScope.authenticationErrorContext" />
- <evaluate expression="authenticationContext.getSubcontext(T(net.shibboleth.idp.authn.context.AuthenticationWarningContext))" result="viewScope.authenticationWarningContext" />
- <evaluate expression="authenticationContext.getSubcontext(T(net.shibboleth.idp.authn.context.LDAPResponseContext))" result="viewScope.ldapResponseContext" />
- <evaluate expression="T(net.shibboleth.shared.codec.HTMLEncoder)" result="viewScope.encoder" />
- <evaluate expression="flowRequestContext.getExternalContext().getNativeRequest()" result="viewScope.request" />
- <evaluate expression="flowRequestContext.getExternalContext().getNativeResponse()" result="viewScope.response" />
- <evaluate expression="flowRequestContext.getActiveFlow().getApplicationContext().containsBean('shibboleth.CustomViewContext') ? flowRequestContext.getActiveFlow().getApplicationContext().getBean('shibboleth.CustomViewContext') : null" result="viewScope.custom" />
- </on-render>
- <transition on="proceed" to="proceed" />
- </view-state>
-
- <end-state id="proceed" />
-
-</flow>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/messages/messages.properties b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/messages/messages.properties
deleted file mode 100644
index b59fc89..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/messages/messages.properties
+++ /dev/null
@@ -1,6 +0,0 @@
-# You can define message properties here to override messages defined in
-# the system-supplied message file or to add your own messages.
-
-# You should alter these to point to different files of your own choosing.
-#idp.css = /css/placeholder.css
-#idp.logo = /images/placeholder-logo.png
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/admin/hello.vm b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/admin/hello.vm
deleted file mode 100644
index 6268c6c..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/admin/hello.vm
+++ /dev/null
@@ -1,68 +0,0 @@
-##
-## Velocity Template for Hello World page.
-##
-## Velocity context will contain the following properties
-## flowRequestContext - the Spring Web Flow RequestContext
-## encoder - HTMLEncoder class
-## request - HttpServletRequest
-## response - HttpServletResponse
-## profileRequestContext - root of context tree
-## subjectContext - ProfileRequestContext -> SubjectContext
-## attributeContext - ProfileRequestContext -> AttributeContext
-## environment - Spring Environment object for property resolution
-## custom - arbitrary object injected by deployer
-##
-<!DOCTYPE html>
-<html>
- <head>
- <title>#springMessageText("idp.title", "Web Login Service") - #springMessageText("hello-world.title", "Hello World")</title>
- <meta charset="UTF-8" />
- <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
- <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=5.0">
- <link rel="stylesheet" type="text/css" href="$request.getContextPath()#springMessageText("idp.css", "/css/placeholder.css")" media="all">
- </head>
-
- <body>
- <main class="main">
- <header>
- <img class="main-logo" src="$request.getContextPath()#springMessageText("idp.logo", "/images/placeholder-logo.png")" alt="#springMessageText("idp.logo.alt-text", "logo")">
- </header>
-
- <section>
- <h1>#springMessageText("hello-world.greeting", "Greetings"), <em>$encoder.encodeForHTML($subjectContext.getPrincipalName())</em></h1>
- <p><strong>Authenticated by</strong><br />
- #foreach ($result in $subjectContext.getAuthenticationResults().entrySet())
- <small>$encoder.encodeForHTML($result.getKey())</small><br/>
- #end</p>
-
- <p><strong>Java Principals in Subjects</strong><br/>
- #foreach ($s in $subjectContext.getSubjects())
- #foreach ($p in $s.getPrincipals())
- <small>$encoder.encodeForHTML($p)</small></br/>
- #end
- #end</p>
-
- #if ($attributeContext && !$attributeContext.getUnfilteredIdPAttributes().isEmpty())
-
- <p><strong>Attributes</strong><br/>
- #foreach ($a in $attributeContext.getUnfilteredIdPAttributes())
- #if (!$a.getValues().isEmpty())
- <small><strong>$encoder.encodeForHTML($a.getId())</strong></small><br/>
- #foreach ($v in $a.getValues())
- <small>$encoder.encodeForHTML($v.getDisplayValue())</small><br/>
- #end
- #end
- #end
- #end
- </p>
-
- <a class="button button--secondary" href="$request.getContextPath()/profile/admin/hello">#springMessageText("hello-world.reload", "Reload the Page")</a>
- </section>
- </main>
- <footer class="footer">
- <div class="cc">
- <p>#springMessageText("idp.footer", "Insert your footer text here.")</p>
- </div>
- </footer>
- </body>
-</html>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/client-storage/client-storage-read.vm b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/client-storage/client-storage-read.vm
deleted file mode 100644
index 1afe818..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/client-storage/client-storage-read.vm
+++ /dev/null
@@ -1,48 +0,0 @@
-##
-## Velocity template to read from local storage.
-##
-## Velocity context will contain the following properties
-## flowExecutionUrl - the form action location
-## flowRequestContext - the Spring Web Flow RequestContext
-## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
-## profileRequestContext - root of context tree
-## loadContext - context with details about the storage keys to load
-## encoder - HTMLEncoder class
-## request - HttpServletRequest
-## response - HttpServletResponse
-## environment - Spring Environment object for property resolution
-#set ($title = $springMacroRequestContext.getMessage("idp.title", "Web Login Service"))
-#set ($titleSuffix = $springMacroRequestContext.getMessage("idp.client-storage-read.suffix", "Loading Session Information"))
-##
-<!DOCTYPE html>
-<html>
- <head>
- <title>$title - $titleSuffix</title>
- <meta charset="UTF-8" />
- <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
- <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=5.0">
- <link rel="stylesheet" type="text/css" href="$request.getContextPath()#springMessageText("idp.css", "/css/placeholder.css")">
- <script>
- <!--
- #include("client-storage/local-storage-read.js")
- // -->
- </script>
- </head>
- <body onload="doLoad()">
- <main class="main">
- <section>
- <h1>$title - $titleSuffix</h1>
- <p>$springMacroRequestContext.getMessage("idp.client-storage-read.text", "Loading login session information from the browser...")</p>
- <noscript>
- $springMacroRequestContext.getMessage("idp.client-storage.no-js", "Since your browser does not support JavaScript, you must press the Continue button once to proceed.")
- </noscript>
- #parse("client-storage/read.vm")
- </section>
- </main>
- <footer class="footer">
- <div class="cc">
- <p>#springMessageText("idp.footer", "Insert your footer text here.")</p>
- </div>
- </footer>
- </body>
-</html>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/client-storage/client-storage-write.vm b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/client-storage/client-storage-write.vm
deleted file mode 100644
index 066cbdb..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/client-storage/client-storage-write.vm
+++ /dev/null
@@ -1,50 +0,0 @@
-##
-## Velocity template to write to local storage.
-##
-## Velocity context will contain the following properties
-## flowExecutionUrl - the form action location
-## flowRequestContext - the Spring Web Flow RequestContext
-## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
-## profileRequestContext - root of context tree
-## saveContext - context with details about the storage data to save
-## encoder - HTMLEncoder class
-## request - HttpServletRequest
-## response - HttpServletResponse
-## environment - Spring Environment object for property resolution
-#set ($title = $springMacroRequestContext.getMessage("idp.title", "Web Login Service"))
-#set ($titleSuffix = $springMacroRequestContext.getMessage("idp.client-storage-write.suffix", "Saving Session Information..."))
-##
-<!DOCTYPE html>
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
- <head>
- <title>$title - $titleSuffix</title>
- <meta charset="UTF-8" />
- <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
- <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=5.0">
- <link rel="stylesheet" type="text/css" href="$request.getContextPath()#springMessageText("idp.css", "/css/placeholder.css")">
- <script>
- <!--
- #include("client-storage/local-storage-write.js")
- // -->
- </script>
- </head>
- <body onload="doSave()">
- <main class="main">
- <section>
- <h1>$title - $titleSuffix</h1>
- <p>$springMacroRequestContext.getMessage("idp.client-storage-write.text", "Saving login session information to the browser...")</p>
- <noscript>
- <div class="content">
- $springMacroRequestContext.getMessage("idp.client-storage.no-js", "Since your browser does not support JavaScript, you must press the Continue button once to proceed.")
- </div>
- </noscript>
- #parse("client-storage/write.vm")
- </section>
- </main>
- <footer class="footer">
- <div class="cc">
- <p>#springMessageText("idp.footer", "Insert your footer text here.")</p>
- </div>
- </footer>
- </body>
-</html>
\ No newline at end of file
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/error.vm b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/error.vm
deleted file mode 100644
index 0f01e89..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/error.vm
+++ /dev/null
@@ -1,74 +0,0 @@
-##
-## Velocity Template for error end-state
-##
-## Velocity context will contain the following variables during controlled errors.
-## Some error paths involve runtime exceptions handled outside Spring Web Flow by the
-## MVC layer and will not generally populate most of these variables.
-##
-## flowRequestContext - the Spring Web Flow RequestContext
-## profileRequestContext - root of context tree
-## encoder - HTMLEncoder class
-## request - HttpServletRequest
-## response - HttpServletResponse
-## environment - Spring Environment object for property resolution
-## custom - arbitrary object injected by deployer
-##
-#set ($title = $springMacroRequestContext.getMessage("idp.title", "Web Login Service"))
-#set ($defaultTitleSuffix = $springMacroRequestContext.getMessage("idp.title.suffix", "Error"))
-##
-#if ($flowRequestContext)
- ## This handles flow events, the most common case.
- #set ($eventId = $flowRequestContext.getCurrentEvent().getId())
- #set ($eventKey = $springMacroRequestContext.getMessage("$eventId", "error"))
- #set ($titleSuffix = $springMacroRequestContext.getMessage("${eventKey}.title", "$defaultTitleSuffix"))
- #set ($message = $springMacroRequestContext.getMessage("${eventKey}.message", "$defaultTitleSuffix: $eventId"))
- #if ($eventId == "AccessDenied" or $eventId == "ContextCheckDenied")
- $response.setStatus(403)
- #elseif ($eventId == "AttributeReleaseRejected" || $eventId == "TermsRejected")
- $response.setStatus(200)
- #elseif ($eventKey == "unexpected" || $eventKey == "runtime-error" || $eventKey == "error")
- $response.setStatus(500)
- #else
- $response.setStatus(400)
- #end
-#elseif ($exception)
- ## This handles exceptions that reach the Spring-MVC exception handler.
- #set ($eventId = $exception.getClass().getSimpleName())
- #set ($eventKey = $springMacroRequestContext.getMessage("$eventId", "error"))
- #set ($titleSuffix = $springMacroRequestContext.getMessage("${eventKey}.title", "$defaultTitleSuffix"))
- #set ($message = $springMacroRequestContext.getMessage("${eventKey}.message", "$defaultTitleSuffix: $eventId"))
- $response.setStatus(500)
-#else
- ## This is a catch-all that theoretically shouldn't happen?
- #set ($titleSuffix = $defaultTitleSuffix)
- #set ($message = $springMacroRequestContext.getMessage("idp.message", "An unidentified error occurred."))
- $response.setStatus(500)
-#end
-##
-<!DOCTYPE html>
-<html>
- <head>
- <meta charset="UTF-8" />
- <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
- <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=5.0">
- <link rel="stylesheet" type="text/css" href="$request.getContextPath()#springMessageText("idp.css", "/css/placeholder.css")">
- </head>
-
- <body>
- <main class="main">
- <header>
- <img class="main-logo" src="$request.getContextPath()#springMessageText("idp.logo", "/images/placeholder-logo.png")" alt="#springMessageText("idp.logo.alt-text", "logo")" />
- </header>
-
- <section>
- <h1>$title - $titleSuffix</h1>
- <p>#evaluate($message)</p>
- </section>
- </main>
- <footer class="footer">
- <div class="cc">
- <p>#springMessageText("idp.footer", "Insert your footer text here.")</p>
- </div>
- </footer>
- </body>
-</html>
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/login-error.vm b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/login-error.vm
deleted file mode 100644
index 4a9e641..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/login-error.vm
+++ /dev/null
@@ -1,24 +0,0 @@
-## Velocity Template for login error message production, included by login.vm
-##
-## authenticationErrorContext - context containing error data, if available
-##
-#if ($authenticationErrorContext && $authenticationErrorContext.getClassifiedErrors().size() > 0 && !$authenticationErrorContext.getClassifiedErrors().contains('AuthenticationException'))
- ## This handles errors that are classified by the message maps in the authentication config.
- #set ($eventId = $authenticationErrorContext.getClassifiedErrors().iterator().next())
- #if ($eventId != "ReselectFlow")
- #set ($eventKey = $springMacroRequestContext.getMessage("$eventId", "authn"))
- #set ($message = $springMacroRequestContext.getMessage("${eventKey}.message", "Login Failure: $eventId"))
- #end
-#elseif ($authenticationErrorContext && $authenticationErrorContext.getExceptions().size() > 0)
- ## This handles login exceptions that are left unclassified.
- #set ($loginException = $authenticationErrorContext.getExceptions().get(0))
- #if ($loginException.getMessage())
- #set ($message = "Login Failure: $loginException.getMessage()")
- #else
- #set ($message = $loginException.toString())
- #end
-#end
-
-#if ($message)
- <p class="output-message output--error">$encoder.encodeForHTML($message)</p>
-#end
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/login.vm b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/login.vm
deleted file mode 100644
index 20ed38e..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/login.vm
+++ /dev/null
@@ -1,106 +0,0 @@
-##
-## Velocity Template for DisplayUsernamePasswordPage view-state
-##
-## Velocity context will contain the following properties
-## flowExecutionUrl - the form action location
-## flowRequestContext - the Spring Web Flow RequestContext
-## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
-## profileRequestContext - root of context tree
-## authenticationContext - context with authentication request information
-## authenticationErrorContext - context with login error state
-## authenticationWarningContext - context with login warning state
-## ldapResponseContext - context with LDAP state (if using native LDAP)
-## rpUIContext - the context with SP UI information from the metadata
-## encoder - HTMLEncoder class
-## request - HttpServletRequest
-## response - HttpServletResponse
-## environment - Spring Environment object for property resolution
-## custom - arbitrary object injected by deployer
-##
-#set ($rpContext = $profileRequestContext.getSubcontext('net.shibboleth.profile.context.RelyingPartyContext'))
-#set ($username = $authenticationContext.getSubcontext('net.shibboleth.idp.authn.context.UsernamePasswordContext', true).getUsername())
-##
-<!DOCTYPE html>
-<html>
- <head>
- <title>#springMessageText("idp.title", "Web Login Service")</title>
- <meta charset="UTF-8" />
- <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
- <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=5.0">
- <link rel="stylesheet" type="text/css" href="$request.getContextPath()#springMessageText("idp.css", "/css/placeholder.css")">
- </head>
- <body>
- <main class="main">
- <header>
- <img class="main-logo" src="$request.getContextPath()#springMessageText("idp.logo", "/images/placeholder-logo.png")" alt="#springMessageText("idp.logo.alt-text", "logo")" />
-
- #set ($serviceName = $rpUIContext.serviceName)
- #if ($serviceName && !$rpContext.getRelyingPartyId().contains($serviceName))
- <h1>#springMessageText("idp.login.loginTo", "Login to") $encoder.encodeForHTML($serviceName)</h1>
- #end
- </header>
-
- <section>
- <form action="$flowExecutionUrl" method="post">
- #parse("csrf/csrf.vm")
-
- #*
- //
- // SP Description & Logo (optional)
- // These idpui lines will display added information (if available
- // in the metadata) about the Service Provider (SP) that requested
- // authentication. These idpui lines are "active" in this example
- // (not commented out) - this extra SP info will be displayed.
- // Remove or comment out these lines to stop the display of the
- // added SP information.
- //
- *#
- #set ($logo = $rpUIContext.getLogo())
- #if ($logo)
- <img class="service-logo" src= "$encoder.encodeForHTMLAttribute($logo)" alt="$encoder.encodeForHTMLAttribute($serviceName)">
- #end
- #set ($desc = $rpUIContext.getServiceDescription())
- #if ($desc)
- <p>$encoder.encodeForHTML($desc)</p>
- #end
-
- #parse("login-error.vm")
-
- <label for="username">#springMessageText("idp.login.username", "Username")</label>
- <input id="username" name="j_username" type="text"
- value="#if($username)$encoder.encodeForHTML($username)#end" />
-
- <label for="password">#springMessageText("idp.login.password", "Password")</label>
- <input type="password" name="j_password" id="password" value="" />
-
- ## You may need to modify this to taste, such as changing the flow name checked to authn/MFA.
- #if (!$authenticationContext.getActiveResults().containsKey('authn/Password'))
- <input type="checkbox" name="donotcache" value="1" id="donotcache" />
- <label for="donotcache">#springMessageText("idp.login.donotcache", "Don't Remember Login")</label>
- #end
-
- <input id="_shib_idp_revokeConsent" type="checkbox" name="_shib_idp_revokeConsent" value="true" />
- <label for="_shib_idp_revokeConsent">#springMessageText("idp.attribute-release.revoke", "Clear prior granting of permission for release of your information to this service.")</label>
-
- <div class="grid">
- <div class="grid-item">
- <button type="submit" name="_eventId_proceed"
- onClick="this.childNodes[0].nodeValue='#springMessageText("idp.login.pleasewait", "Logging in, please wait...")'"
- >#springMessageText("idp.login.login", "Login")</button>
- </div>
- </div>
- </form>
-
- <ul>
- <li><a href="#springMessageText("idp.url.password.reset", '#')">#springMessageText("idp.login.forgotPassword", "Forgot your password?")</a></li>
- <li><a href="#springMessageText("idp.url.helpdesk", '#')">#springMessageText("idp.login.needHelp", "Need Help?")</a></li>
- </ul>
- </section>
- </main>
- <footer class="footer">
- <div class="cc">
- <p>#springMessageText("idp.footer", "Insert your footer text here.")</p>
- </div>
- </footer>
- </body>
-</html>
\ No newline at end of file
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/logout-complete.vm b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/logout-complete.vm
deleted file mode 100644
index 2d332ea..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/logout-complete.vm
+++ /dev/null
@@ -1,61 +0,0 @@
-##
-## Velocity Template for logout flow's concluding view-state (no propagation)
-##
-## Velocity context will contain the following properties
-## flowExecutionUrl - the form action location
-## flowRequestContext - the Spring Web Flow RequestContext
-## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
-## profileRequestContext - root of context tree
-## logoutContext - context with SPSession details for logout operation
-## multiRPContext - context with RelyingPartyContexts and possibly SP UI information from the metadata
-## encoder - HTMLEncoder class
-## request - HttpServletRequest
-## response - HttpServletResponse
-## environment - Spring Environment object for property resolution
-## custom - arbitrary object injected by deployer
-##
-#set ($activeIdPSessions = $logoutContext and !$logoutContext.getIdPSessions().isEmpty())
-#set ($activeSPSessions = $logoutContext and !$logoutContext.getSessionMap().isEmpty())
-<!DOCTYPE html>
-<html>
- <head>
- <title>#springMessageText("idp.title", "Web Login Service")</title>
- <meta charset="UTF-8" />
- <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
- <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=5.0">
- <link rel="stylesheet" type="text/css" href="$request.getContextPath()#springMessageText("idp.css", "/css/placeholder.css")">
- </head>
-
- <body>
- <main class="main">
- <header>
- <img class="main-logo" src="$request.getContextPath()#springMessageText("idp.logo", "/images/placeholder-logo.png")" alt="#springMessageText("idp.logo.alt-text", "logo")" />
- </header>
-
- <section>
- #if ($activeIdPSessions)
- <h2>#springMessageText("idp.logout.cancelled", "Logout has been cancelled.")</h2>
- #elseif ($activeSPSessions)
- <p>#springMessageText("idp.logout.local", "You elected not to log out of all the applications accessed during your session.")</p>
- #else
- <p>#springMessageText("idp.logout.complete", "The logout operation is complete, and no other services appear to have been accessed during this session.")</p>
- #end
-
- <ul>
- <li><a href="#springMessageText("idp.url.password.reset", '#')">#springMessageText("idp.login.forgotPassword", "Forgot your password?")</a></li>
- <li><a href="#springMessageText("idp.url.helpdesk", '#')">#springMessageText("idp.login.needHelp", "Need Help?")</a></li>
- </ul>
-
- <!-- If SAML logout, complete the flow by adding a hidden iframe. -->
- #if ( $profileRequestContext.getProfileId().contains("saml2/logout") )
- <iframe style="display:none" src="$flowExecutionUrl&_eventId=proceed"></iframe>
- #end
- </section>
- </main>
- <footer class="footer">
- <div class="cc">
- <p>#springMessageText("idp.footer", "Insert your footer text here.")</p>
- </div>
- </footer>
- </body>
-</html>
\ No newline at end of file
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/logout-propagate.vm b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/logout-propagate.vm
deleted file mode 100644
index ab73382..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/logout-propagate.vm
+++ /dev/null
@@ -1,57 +0,0 @@
-##
-## Velocity Template for logout flow's concluding view-state (with propagation)
-##
-## Velocity context will contain the following properties
-## flowExecutionUrl - the form action location
-## flowRequestContext - the Spring Web Flow RequestContext
-## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
-## profileRequestContext - root of context tree
-## logoutContext - context with SPSession details for logout operation
-## multiRPContext - context with RelyingPartyContexts and possibly SP UI information from the metadata
-## htmlEncoder - HTMLEncoder class
-## urlEncoder - urlEncoder class
-## codecUtil - CodecUtil class
-## request - HttpServletRequest
-## response - HttpServletResponse
-## environment - Spring Environment object for property resolution
-## custom - arbitrary object injected by deployer
-##
-#set ($hidden = $environment.getProperty("idp.logout.propagationHidden", "false"))
-<!DOCTYPE html>
-<html>
- <head>
- <title>#springMessageText("idp.title", "Web Login Service")</title>
- <meta charset="UTF-8" />
- <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
- <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=5.0">
- <link rel="stylesheet" type="text/css" href="$request.getContextPath()#springMessageText("idp.css", "/css/placeholder.css")">
- <link rel="stylesheet" type="text/css" href="$request.getContextPath()/css/logout.css">
- </head>
-
- <body>
- <main class="main">
- <header>
- <img class="main-logo" src="$request.getContextPath()#springMessageText("idp.logo", "/images/placeholder-logo.png")" alt="#springMessageText("idp.logo.alt-text", "logo")" />
- </header>
-
- <section>
- #if($hidden == "true")
- <p>#springMessageText("idp.logout.hidden", "Your single sign-on session has been terminated, but you are still logged into many of the services you have accessed during your session.")</p>
- #else
- <h1>#springMessageText("idp.logout.attempt", "Attempting to log out of the following services:")</h1>
- #end
- #parse("logout/propagate.vm")
-
- <ul>
- <li><a href="#springMessageText("idp.url.password.reset", '#')">#springMessageText("idp.login.forgotPassword", "Forgot your password?")</a></li>
- <li><a href="#springMessageText("idp.url.helpdesk", '#')">#springMessageText("idp.login.needHelp", "Need Help?")</a></li>
- </ul>
- </section>
- </main>
- <footer class="footer">
- <div class="cc">
- <p>#springMessageText("idp.footer", "Insert your footer text here.")</p>
- </div>
- </footer>
- </body>
-</html>
\ No newline at end of file
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/logout.vm b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/logout.vm
deleted file mode 100644
index ab01600..0000000
--- a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/views/logout.vm
+++ /dev/null
@@ -1,118 +0,0 @@
-##
-## Velocity Template for logout flow's starting view-state
-##
-## Velocity context will contain the following properties
-## flowExecutionUrl - the form action location
-## flowRequestContext - the Spring Web Flow RequestContext
-## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
-## profileRequestContext - root of context tree
-## logoutContext - context with SPSession details for logout operation
-## multiRPContext - context with RelyingPartyContexts and possibly SP UI information from the metadata
-## encoder - HTMLEncoder class
-## request - HttpServletRequest
-## response - HttpServletResponse
-## environment - Spring Environment object for property resolution
-## custom - arbitrary object injected by deployer
-##
-#set ($rpContext = $profileRequestContext.getSubcontext("net.shibboleth.profile.context.RelyingPartyContext"))
-#if ($rpContext)
-#set ($rpUIContext = $rpContext.getSubcontext("net.shibboleth.idp.ui.context.RelyingPartyUIContext"))
-#end
-#set ($promptForIdP = $logoutContext and !$logoutContext.getIdPSessions().isEmpty())
-#set ($promptForSP = $logoutContext and !$logoutContext.getSessionMap().isEmpty())
-<!DOCTYPE html>
-<html>
- <head>
- <title>#springMessageText("idp.title", "Web Login Service")</title>
- <meta charset="UTF-8" />
- <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
- <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=5.0">
- #if ($promptForSP)
- <meta http-equiv="refresh" content="10;url=$flowExecutionUrl&_eventId=propagate">
- #elseif ($promptForIdP)
- <meta http-equiv="refresh" content="10;url=$flowExecutionUrl&_eventId=local">
- #end
- <link rel="stylesheet" type="text/css" href="$request.getContextPath()#springMessageText("idp.css", "/css/placeholder.css")">
- </head>
-
- <body>
- <main class="main">
- <header>
- <img class="main-logo" src="$request.getContextPath()#springMessageText("idp.logo", "/images/placeholder-logo.png")" alt="#springMessageText("idp.logo.alt-text", "logo")" />
- </header>
-
- <section>
- <div class="output-message">
- <p><strong>Note for deployers:</strong> This page is displayed when a logout operation at the Identity Provider completes.
- This page is an example and should be customized. It is not fully internationalized because the presentation will be a highly localized decision,
- and we don't have a good suggestion for a default.</p>
- </div>
-
- #if ($rpContext)
- <p>#springMessageText("idp.logout.sp-initiated", "You have been logged out of the following service:")</p>
- <blockquote>
- #if ($rpUIContext)
- $encoder.encodeForHTML($rpUIContext.getServiceName())
- #else
- $encoder.encodeForHTML($rpContext.getRelyingPartyId())
- #end
- </blockquote>
- <br>
- #end
-
- #if ($promptForIdP or $promptForSP)
- <p>#springMessageText("idp.logout.prompt", "Choose one of the following, or wait a few seconds for the default.")</p>
- <br>
-
- <form id="propagate_form" method="POST" action="$flowExecutionUrl">
-
- <p><button id="logout_local" type="submit" name="_eventId" value="local">#springMessageText("idp.logout.idponly", "Logout Locally")</button></p>
- <p>#springMessageText("idp.logout.idponly.caption", "End your SSO session.")</p>
- #end
-
- #if ($promptForSP)
- <p><button id="logout_propagate" type="submit" name="_eventId" value="propagate">#springMessageText("idp.logout.global", "Logout Globally")</button></p>
- <p>#springMessageText("idp.logout.global.caption", "End your SSO session and attempt logout of services accessed during session.")</p>
- <p>#springMessageText("idp.logout.contactServices", "If instructed, the system will attempt to contact the following services:")</p>
- <ol>
- #foreach ($sp in $logoutContext.getSessionMap().keySet())
- #set ($rpCtx = $multiRPContext.getRelyingPartyContextById($sp))
- #if ($rpCtx)
- #set ($rpUIContext = $rpCtx.getSubcontext("net.shibboleth.idp.ui.context.RelyingPartyUIContext"))
- #end
- #if ($rpUIContext and $rpUIContext.getServiceName())
- <li>$encoder.encodeForHTML($rpUIContext.getServiceName())</li>
- #else
- <li>$encoder.encodeForHTML($sp)</li>
- #end
- #end
- </ol>
- #end
-
- #if ($promptForIdP)
- <p><button class="button--secondary" id="logout_cancel" type="submit" name="_eventId" value="end">#springMessageText("idp.logout.cancel", "Cancel")</button></p>
- <p>#springMessageText("idp.logout.cancel.caption", "Cancel logout and retain your SSO session.")</p>
- #end
-
- #if ($promptForIdP or $promptForSP)
- </form>
- #else
- <p><strong>#springMessageText("idp.logout.complete", "The logout operation is complete, and no other services appear to have been accessed during this session.")</strong></p>
- <!-- Complete the flow by adding a hidden iframe. -->
- <iframe style="display:none" src="$flowExecutionUrl&_eventId=proceed"></iframe>
- #end
-
- <ul>
- <li><a href="#springMessageText("idp.url.password.reset", '#')">#springMessageText("idp.login.forgotPassword", "Forgot your password?")</a></li>
- <li><a href="#springMessageText("idp.url.helpdesk", '#')">#springMessageText("idp.login.needHelp", "Need Help?")</a></li>
- </ul>
- </section>
-
- </main>
- <footer class="footer">
- <div class="cc">
- <p>#springMessageText("idp.footer", "Insert your footer text here.")</p>
- </div>
- </footer>
- </body>
-</html>
\ No newline at end of file
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/war/.gitkeep b/src/test/docker/shibboleth-idp/opt-shibboleth-idp/war/.gitkeep
deleted file mode 100644
index e69de29..0000000
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/net.shibboleth.idp.plugin.oidc.config/truststore.asc b/src/test/docker/shibboleth-idp/plugin-truststore/net.shibboleth.idp.plugin.oidc.config/truststore.asc
similarity index 100%
rename from src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/net.shibboleth.idp.plugin.oidc.config/truststore.asc
rename to src/test/docker/shibboleth-idp/plugin-truststore/net.shibboleth.idp.plugin.oidc.config/truststore.asc
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/net.shibboleth.idp.plugin.oidc.op/truststore.asc b/src/test/docker/shibboleth-idp/plugin-truststore/net.shibboleth.idp.plugin.oidc.op/truststore.asc
similarity index 100%
rename from src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/net.shibboleth.idp.plugin.oidc.op/truststore.asc
rename to src/test/docker/shibboleth-idp/plugin-truststore/net.shibboleth.idp.plugin.oidc.op/truststore.asc
diff --git a/src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/net.shibboleth.oidc.common/truststore.asc b/src/test/docker/shibboleth-idp/plugin-truststore/net.shibboleth.oidc.common/truststore.asc
similarity index 100%
rename from src/test/docker/shibboleth-idp/opt-shibboleth-idp/credentials/net.shibboleth.oidc.common/truststore.asc
rename to src/test/docker/shibboleth-idp/plugin-truststore/net.shibboleth.oidc.common/truststore.asc
diff --git a/src/test/docker/shibboleth-idp/tomcat/idp.xml b/src/test/docker/shibboleth-idp/tomcat/idp.xml
deleted file mode 100644
index 6262af6..0000000
--- a/src/test/docker/shibboleth-idp/tomcat/idp.xml
+++ /dev/null
@@ -1,3 +0,0 @@
-<Context docBase="${idp.home}/war/idp.war"
- privileged="true"
- swallowOutput="true" />
\ No newline at end of file
diff --git a/src/test/docker/shibboleth-idp/tomcat/server.xml b/src/test/docker/shibboleth-idp/tomcat/server.xml
index 77476e1..90ead0d 100644
--- a/src/test/docker/shibboleth-idp/tomcat/server.xml
+++ b/src/test/docker/shibboleth-idp/tomcat/server.xml
@@ -1,162 +1,27 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- The ASF licenses this file to You under the Apache License, Version 2.0
- (the "License"); you may not use this file except in compliance with
- the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
-<!-- Note: A "Server" is not itself a "Container", so you may not
- define subcomponents such as "Valves" at this level.
- Documentation at /docs/config/server.html
- -->
+<?xml version='1.0' encoding='utf-8'?>
<Server port="8005" shutdown="SHUTDOWN">
- <Listener className="org.apache.catalina.startup.VersionLoggerListener" />
- <!-- Security listener. Documentation at /docs/config/listeners.html
- <Listener className="org.apache.catalina.security.SecurityListener" />
- -->
- <!-- APR library loader. Documentation at /docs/apr.html -->
- <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
- <!-- Prevent memory leaks due to use of particular java/javax APIs-->
- <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
- <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
- <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
-
- <!-- Global JNDI resources
- Documentation at /docs/jndi-resources-howto.html
- -->
- <GlobalNamingResources>
- <!-- Editable user database that can also be used by
- UserDatabaseRealm to authenticate users
- -->
- <Resource name="UserDatabase" auth="Container"
- type="org.apache.catalina.UserDatabase"
- description="User database that can be updated and saved"
- factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
- pathname="conf/tomcat-users.xml" />
- </GlobalNamingResources>
-
- <!-- A "Service" is a collection of one or more "Connectors" that share
- a single "Container" Note: A "Service" is not itself a "Container",
- so you may not define subcomponents such as "Valves" at this level.
- Documentation at /docs/config/service.html
- -->
- <Service name="Catalina">
-
- <!--The connectors can use a shared executor, you can define one or more named thread pools-->
- <!--
- <Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
- maxThreads="150" minSpareThreads="4"/>
- -->
-
+ <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
+ <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
- <!-- A "Connector" represents an endpoint by which requests are received
- and responses are returned. Documentation at :
- HTTP Connector: /docs/config/http.html
- AJP Connector: /docs/config/ajp.html
- Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
- -->
- <Connector port="8080" protocol="HTTP/1.1"
- connectionTimeout="20000"
- redirectPort="8443"
- maxParameterCount="1000"
- scheme="https"
- secure="true"
- />
- <!-- A "Connector" using the shared thread pool-->
- <!--
- <Connector executor="tomcatThreadPool"
- port="8080" protocol="HTTP/1.1"
- connectionTimeout="20000"
- redirectPort="8443"
- maxParameterCount="1000"
- />
- -->
- <!-- Define an SSL/TLS HTTP/1.1 Connector on port 8443 with HTTP/2
- This connector uses the NIO implementation. The default
- SSLImplementation will depend on the presence of the APR/native
- library and the useOpenSSL attribute of the AprLifecycleListener.
- Either JSSE or OpenSSL style configuration may be used regardless of
- the SSLImplementation selected. JSSE style configuration is used below.
- -->
- <!--
- <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
- maxThreads="150" SSLEnabled="true"
- maxParameterCount="1000"
- >
- <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
- <SSLHostConfig>
- <Certificate certificateKeystoreFile="conf/localhost-rsa.jks"
- type="RSA" />
- </SSLHostConfig>
- </Connector>
- -->
+ <Service name="Catalina">
- <!-- Define an AJP 1.3 Connector on port 8009 -->
- <!--
- <Connector protocol="AJP/1.3"
- address="::1"
- port="8009"
- redirectPort="8443"
- maxParameterCount="1000"
- />
- -->
+ <Connector
+ protocol="org.apache.coyote.http11.Http11NioProtocol"
+ port="8080" maxThreads="200"
+ scheme="https" secure="true">
+ </Connector>
- <!-- An Engine represents the entry point (within Catalina) that processes
- every request. The Engine implementation for Tomcat stand alone
- analyzes the HTTP headers included with the request, and passes them
- on to the appropriate Host (virtual host).
- Documentation at /docs/config/engine.html -->
+ <Engine name="Catalina" defaultHost="localhost">
- <!-- You should set jvmRoute to support load-balancing via AJP ie :
- <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
- -->
- <Engine name="Catalina" defaultHost="localhost">
+ <Host name="localhost" appBase="webapps"
+ unpackWARs="true" autoDeploy="true">
- <!--For clustering, please take a look at documentation at:
- /docs/cluster-howto.html (simple how to)
- /docs/config/cluster.html (reference documentation) -->
- <!--
- <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
- -->
+ <Valve className="org.apache.catalina.valves.AccessLogValve"
+ directory="/tmp" prefix="tomcat_access_log"
+ rotatable="false" pattern="%h %l %u %t "%r" %s %b" />
- <!-- Use the LockOutRealm to prevent attempts to guess user passwords
- via a brute-force attack -->
- <Realm className="org.apache.catalina.realm.LockOutRealm">
- <!-- This Realm uses the UserDatabase configured in the global JNDI
- resources under the key "UserDatabase". Any edits
- that are performed against this UserDatabase are immediately
- available for use by the Realm. -->
- <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
- resourceName="UserDatabase"/>
- </Realm>
-
- <Host name="localhost" appBase="webapps"
- unpackWARs="true" autoDeploy="true">
-
- <!-- SingleSignOn valve, share authentication between web applications
- Documentation at: /docs/config/valve.html -->
- <!--
- <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
- -->
-
- <!-- Access log processes all example.
- Documentation at: /docs/config/valve.html
- Note: The pattern used is equivalent to using pattern="common" -->
- <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
- prefix="localhost_access_log" suffix=".txt"
- pattern="%h %l %u %t "%r" %s %b" />
-
- </Host>
- </Engine>
- </Service>
+ </Host>
+ </Engine>
+ </Service>
</Server>
+
diff --git a/src/test/docker/shibboleth-idp/tomcat/setenv.sh b/src/test/docker/shibboleth-idp/tomcat/setenv.sh
deleted file mode 100644
index a88f2b6..0000000
--- a/src/test/docker/shibboleth-idp/tomcat/setenv.sh
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh
-
-export "CATALINA_OPTS=$CATALINA_OPTS -Didp.home=/opt/shibboleth-idp"
\ No newline at end of file