From 0102c727c4a298d235360582fcb14b8b9d8d28ef Mon Sep 17 00:00:00 2001 From: Geeth Munasinghe Date: Wed, 3 Dec 2014 11:05:29 +0530 Subject: [PATCH] Adding the config directory --- .../src/repository/conf/api-manager.xml | 524 +++++++++++++ .../conf/application-authenticators.xml | 23 + .../src/repository/conf/axis2/axis2.xml | 702 ++++++++++++++++++ .../src/repository/conf/carbon.xml | 625 ++++++++++++++++ .../repository/conf/cipher-tool.properties | 36 + .../data-bridge/cassandra-datasink-config.xml | 22 + .../conf/data-bridge/data-bridge-config.xml | 70 ++ .../conf/datasources/master-datasources.xml | 139 ++++ .../src/repository/conf/emm-config.xml | 51 ++ .../repository/conf/entitlement.properties | 43 ++ .../src/repository/conf/identity.xml | 230 ++++++ .../src/repository/conf/log4j.properties | 164 ++++ .../conf/multitenancy/cloud-services-desc.xml | 186 +++++ .../src/repository/conf/registry.xml | 195 +++++ .../src/repository/conf/shindig.properties | 215 ++++++ .../src/repository/conf/sso-idp-config.xml | 52 ++ .../src/repository/conf/tomcat/context.xml | 38 + .../repository/conf/trusted-idp-config.xml | 21 + .../src/repository/conf/user-mgt.xml | 343 +++++++++ .../src/repository/conf/wso2emm.jks | Bin 0 -> 3180 bytes .../src/repository/conf/wso2permission.jks | Bin 0 -> 46409 bytes 21 files changed, 3679 insertions(+) create mode 100755 modules/distribution/src/repository/conf/api-manager.xml create mode 100755 modules/distribution/src/repository/conf/application-authenticators.xml create mode 100644 modules/distribution/src/repository/conf/axis2/axis2.xml create mode 100644 modules/distribution/src/repository/conf/carbon.xml create mode 100644 modules/distribution/src/repository/conf/cipher-tool.properties create mode 100755 modules/distribution/src/repository/conf/data-bridge/cassandra-datasink-config.xml create mode 100755 modules/distribution/src/repository/conf/data-bridge/data-bridge-config.xml create mode 100755 modules/distribution/src/repository/conf/datasources/master-datasources.xml create mode 100644 modules/distribution/src/repository/conf/emm-config.xml create mode 100644 modules/distribution/src/repository/conf/entitlement.properties create mode 100755 modules/distribution/src/repository/conf/identity.xml create mode 100644 modules/distribution/src/repository/conf/log4j.properties create mode 100644 modules/distribution/src/repository/conf/multitenancy/cloud-services-desc.xml create mode 100755 modules/distribution/src/repository/conf/registry.xml create mode 100644 modules/distribution/src/repository/conf/shindig.properties create mode 100755 modules/distribution/src/repository/conf/sso-idp-config.xml create mode 100644 modules/distribution/src/repository/conf/tomcat/context.xml create mode 100644 modules/distribution/src/repository/conf/trusted-idp-config.xml create mode 100644 modules/distribution/src/repository/conf/user-mgt.xml create mode 100644 modules/distribution/src/repository/conf/wso2emm.jks create mode 100644 modules/distribution/src/repository/conf/wso2permission.jks diff --git a/modules/distribution/src/repository/conf/api-manager.xml b/modules/distribution/src/repository/conf/api-manager.xml new file mode 100755 index 0000000000..56cd371db5 --- /dev/null +++ b/modules/distribution/src/repository/conf/api-manager.xml @@ -0,0 +1,524 @@ + + + jdbc/WSO2AM_DB + + + EMM + + + false + + + + + + + + + + + + + + + + https://${carbon.local.ip}:${mgt.transport.https.port}/services/ + + admin + + admin + + + + + + X-JWT-Assertion + + + + + + + + + + + + + + + + + + + + + + + + + + + Production and Sandbox + + https://${carbon.local.ip}:${mgt.transport.https.port}/services/ + + admin + + admin + + http://${carbon.local.ip}:${http.nio.port},https://${carbon.local.ip}:${https.nio.port} + + + + + false + + + referer + + + + + false + + + + + + false + + + org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher + + + 7612 + + + tcp://localhost:7612/ + + + admin + + + admin + + + + + + + + false + + + UA-XXXXXXXX-X + + + + + + + + + https://${carbon.local.ip}:${mgt.transport.https.port}/services/ + + + admin + + + admin + + false + + + + false + + + + ThriftClient + 10397 + 10000 + 10397 + + true + + + + + + + + oauth2/token + + + false + + + + + + + true + + + + + + true + + + subscriber + + + true + + + + + + false + + false + + + true + + + true + + + + + + + + + + + + + + + + + + + + + + + + + + false + + + + + + + + + + + + + + + + + + + + + + + + true + + + https://localhost:9443,http://localhost:9763 + + + authorization,Access-Control-Allow-Origin,Content-Type + + + GET,POST,PUT,DELETE,OPTIONS + + + + diff --git a/modules/distribution/src/repository/conf/application-authenticators.xml b/modules/distribution/src/repository/conf/application-authenticators.xml new file mode 100755 index 0000000000..c13c040107 --- /dev/null +++ b/modules/distribution/src/repository/conf/application-authenticators.xml @@ -0,0 +1,23 @@ + + + + + + + + + \ No newline at end of file diff --git a/modules/distribution/src/repository/conf/axis2/axis2.xml b/modules/distribution/src/repository/conf/axis2/axis2.xml new file mode 100644 index 0000000000..0ecbffaabe --- /dev/null +++ b/modules/distribution/src/repository/conf/axis2/axis2.xml @@ -0,0 +1,702 @@ + + + + + + + + + + + + + ${hotdeployment} + ${hotupdate} + optional + true + work/mtom + 4000 + + ${childfirstCL} + + + true + + + + false + + inmemory + + + + + + + services + + + axis2services + + + axis2modules + + + @product.name@-@product.version@ + + + @product.name@-@product.version@ + + + + + + + false + + + + + + false + + + true + + + + ./repository/deployment/server/synapse-configs + + + + . + + + . + + + WSO2 Carbon Server + + + + + + + ${jaxwsparam} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 9763 + + + + + + + + + + + + 9443 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + HTTP/1.1 + chunked + + true + + + HTTP/1.1 + chunked + + true + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + true + + + multicast + + + + + wso2.carbon.domain + + + + + + 45564 + + 100 + + 60 + + + + + + 127.0.0.1 + + + + + + 4000 + + + + + + + + + + + + + + + 127.0.0.1 + 4000 + + + + + + + + + diff --git a/modules/distribution/src/repository/conf/carbon.xml b/modules/distribution/src/repository/conf/carbon.xml new file mode 100644 index 0000000000..c134855b43 --- /dev/null +++ b/modules/distribution/src/repository/conf/carbon.xml @@ -0,0 +1,625 @@ + + + + + + + + + WSO2 Enterprise Mobile Platform + + + EMM + + + 1.1.0 + + + + + + + + + local:/${carbon.context}/services/ + + + + + + + MobilePlatform + + + + + + + org.wso2.carbon + + + / + + + + + + 15 + + + + + + + + + 0 + + + + + 9999 + + 11111 + + + + + + 10389 + + 8000 + + + + + + 5672 + + 8672 + + + + + + 10500 + + + + + + + org.wso2.carbon.tomcat.jndi.CarbonJavaURLContextFactory + + + + + + + + + java + + + + + + + + + + false + + + false + + + 600 + + + + false + false + + + + + + ${carbon.home}/repository/deployment/server/ + + + 15 + + + ${carbon.home}/repository/conf/axis2/axis2.xml + + + 30000 + + + ${carbon.home}/repository/deployment/client/ + + ${carbon.home}/repository/conf/axis2/axis2_client.xml + + true + + + + + + + + + + admin + Default Administrator Role + + + user + Default User Role + + + + + false + + + + + + + ${carbon.home}/repository/resources/security/wso2carbon.jks + + JKS + + wso2carbon + + wso2carbon + + wso2carbon + + + + + + ${carbon.home}/repository/resources/security/wso2carbon.jks + + JKS + + wso2carbon + + wso2carbon + + wso2carbon + + + + + + ${carbon.home}/repository/resources/security/client-truststore.jks + + JKS + + wso2carbon + + + + + + + + + + + + + + + + + + + UserManager + + + false + + + + + + + ${carbon.home}/tmp/work + + + + + + true + + + 10 + + + 30 + + + + + + 100 + + + + keystore + certificate + * + + org.wso2.carbon.ui.transports.fileupload.AnyFileUploadExecutor + + + + + jarZip + + org.wso2.carbon.ui.transports.fileupload.JarZipUploadExecutor + + + + dbs + + org.wso2.carbon.ui.transports.fileupload.DBSFileUploadExecutor + + + + tools + + org.wso2.carbon.ui.transports.fileupload.ToolsFileUploadExecutor + + + + toolsAny + + org.wso2.carbon.ui.transports.fileupload.ToolsAnyFileUploadExecutor + + + + + + + info + org.wso2.carbon.core.transports.util.InfoProcessor + + + wsdl + org.wso2.carbon.core.transports.util.Wsdl11Processor + + + wsdl2 + org.wso2.carbon.core.transports.util.Wsdl20Processor + + + xsd + org.wso2.carbon.core.transports.util.XsdProcessor + + + + + + false + false + true + svn + http://svnrepo.example.com/repos/ + username + password + true + + + + + + + + + + + + + + + ${require.carbon.servlet} + + + + + true + + + + + + + default repository + http://dist.wso2.org/p2/carbon/releases/4.2.0 + + + + + + + + true + + + + + + true + + diff --git a/modules/distribution/src/repository/conf/cipher-tool.properties b/modules/distribution/src/repository/conf/cipher-tool.properties new file mode 100644 index 0000000000..2f0878a549 --- /dev/null +++ b/modules/distribution/src/repository/conf/cipher-tool.properties @@ -0,0 +1,36 @@ +# This properties file contains all the aliases to be used in carbon components. If any property need to be secured, you need to add alias name and the value. This value is described as follows. +# The value goes as, the file name//xpath to the property value to be secured,true if xml elements start with capital letter. Please check existing property values below. + +transports.https.keystorePass=mgt-transports.xml//transports/transport[@name='https']/parameter[@name='keystorePass'],false +Carbon.Security.KeyStore.Password=carbon.xml//Server/Security/KeyStore/KeyPassword,true +Carbon.Security.KeyStore.KeyPassword=carbon.xml//Server/Security/KeyStore/Password,true +Carbon.Security.TrustStore.Password=carbon.xml//Server/Security/TrustStore/Password,true +UserManager.AdminUser.Password=user-mgt.xml//UserManager/Realm/Configuration/AdminUser/Password,true +Datasources.WSO2_CARBON_DB.Configuration.Password=master-datasources.xml//datasources-configuration/datasources/datasource[name='WSO2_CARBON_DB']/definition[@type='RDBMS']/configuration/password,false +#Datasource.WSO2AM_DB.configuration.password=master-datasources.xml//datasources-configuration/datasources/datasource[name='WSO2AM_DB']/definition[@type='RDBMS']/configuration/password,false +#Datasource.WSO2AM_STATS_DB.configuration.password=master-datasources.xml//datasources-configuration/datasources/datasource[name='WSO2AM_STATS_DB']/definition[@type='RDBMS']/configuration/password,false +#UserStoreManager.Property.ConnectionPassword=user-mgt.xml//UserManager/Realm/UserStoreManager/Property[@name='ConnectionPassword'],true +#UserStoreManager.Property.password=user-mgt.xml//UserManager/Realm/UserStoreManager/Property[@name='password'],true +#AuthManager.Password=api-manager.xml//APIManager/AuthManager/Password,true +#APIGateway.Password=api-manager.xml//APIManager/APIGateway/Environments/Environment/Password,true +#APIUsageTracking.BAMPassword=api-manager.xml//APIManager/APIUsageTracking/BAMPassword,true +#APIUsageTracking.JDBCPassword=api-manager.xml//APIManager/APIUsageTracking/JDBCPassword,true +#APIKeyManager.Password=api-manager.xml//APIManager/APIKeyManager/Password,true +#Database.Password=api-manager.xml//APIManager/Database/Password,true +#Security.UserTrustedRPStore.Password=identity.xml//Server/Security/UserTrustedRPStore/Password +#Security.UserTrustedRPStore.KeyPassword=identity.xml//Server/Security/UserTrustedRPStore/KeyPassword +#Identity.System.StorePass=identity.xml//Server/Identity/System/StorePass +#MultifactorAuthentication.XMPPSettings.XMPPConfig.XMPPPassword=identity.xml//MultifactorAuthentication/XMPPSettings/XMPPConfig/XMPPPassword +#BPELEPR.Password=securedinvoke.epr//EndpointReference/Metadata/transport/authorization-password,false +Axis2.Https.Listener.TrustStore.Password=axis2.xml//axisconfig/transportReceiver[@name='https']/parameter[@name='truststore']/TrustStore/Password,false +Axis2.Https.Listener.KeyStore.Password=axis2.xml//axisconfig/transportReceiver[@name='https']/parameter[@name='keystore']/KeyStore/Password,false +Axis2.Https.Listener.KeyStore.KeyPassword=axis2.xml//axisconfig/transportReceiver[@name='https']/parameter[@name='keystore']/KeyStore/KeyPassword,false +Axis2.Https.Sender.TrustStore.Password=axis2.xml//axisconfig/transportSender[@name='https']/parameter[@name='truststore']/TrustStore/Password,false +Axis2.Https.Sender.KeyStore.Password=axis2.xml//axisconfig/transportSender[@name='https']/parameter[@name='keystore']/KeyStore/Password,false +Axis2.Https.Sender.KeyStore.KeyPassword=axis2.xml//axisconfig/transportSender[@name='https']/parameter[@name='keystore']/KeyStore/KeyPassword,false +Axis2.Mailto.Parameter.Password=axis2.xml//axisconfig/transportSender[@name='mailto']/parameter[@name='mail.smtp.password'],false +eventBrokerConfig.eventBroker.deliveryManager.remoteMessageBroker.password=event-broker.xml//eventBrokerConfig/eventBroker/deliveryManager/remoteMessageBroker/password,false + + + + diff --git a/modules/distribution/src/repository/conf/data-bridge/cassandra-datasink-config.xml b/modules/distribution/src/repository/conf/data-bridge/cassandra-datasink-config.xml new file mode 100755 index 0000000000..7bc8f4445a --- /dev/null +++ b/modules/distribution/src/repository/conf/data-bridge/cassandra-datasink-config.xml @@ -0,0 +1,22 @@ + + + + + * + rt_* + + diff --git a/modules/distribution/src/repository/conf/data-bridge/data-bridge-config.xml b/modules/distribution/src/repository/conf/data-bridge/data-bridge-config.xml new file mode 100755 index 0000000000..6081e61eec --- /dev/null +++ b/modules/distribution/src/repository/conf/data-bridge/data-bridge-config.xml @@ -0,0 +1,70 @@ + + + + + org.wso2.carbon.databridge.streamdefn.cassandra.datastore.CassandraStreamDefinitionStore + + 10 + 10000 + 30000 + EVENT_KS + + + + + 7611 + 7711 + + + + + diff --git a/modules/distribution/src/repository/conf/datasources/master-datasources.xml b/modules/distribution/src/repository/conf/datasources/master-datasources.xml new file mode 100755 index 0000000000..b1535beb62 --- /dev/null +++ b/modules/distribution/src/repository/conf/datasources/master-datasources.xml @@ -0,0 +1,139 @@ + + + org.wso2.carbon.ndatasource.rdbms.RDBMSDataSourceReader + + + + + WSO2_EMM_DB + The datasource used for EMM + + jdbc/WSO2EMMDB + + + + jdbc:h2:repository/database/WSO2EMM_DB;DB_CLOSE_ON_EXIT=FALSE + wso2carbon + wso2carbon + org.h2.Driver + 50 + 60000 + true + SELECT 1 + 30000 + + + + + WSO2_CARBON_DB + The datasource used for registry and user manager + + jdbc/WSO2CarbonDB + + + + jdbc:h2:repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE + wso2carbon + wso2carbon + org.h2.Driver + 50 + 60000 + true + SELECT 1 + 30000 + + + + + + WSO2_IDENTITY_DB + The datasource used for Identity configurations + + jdbc/WSO2IdentityDB + + + + jdbc:h2:repository/database/WSO2IDENTITY_DB;DB_CLOSE_ON_EXIT=FALSE + wso2carbon + wso2carbon + org.h2.Driver + 50 + 60000 + true + SELECT 1 + 30000 + + + + + + SOCIAL_CACHE + The datasource used for storing the cached social objects. + + jdbc/test + + + + jdbc:h2:repository/database/WSO2SOCIAL_CACHE_DB;DB_CLOSE_ON_EXIT=FALSE + wso2carbon + wso2carbon + org.h2.Driver + 50 + 60000 + + + + + + SOCIAL_CASSANDRA_DB + The cassandra datasource used for storing social activities + + + jdbc:cassandra://localhost:9160/EVENT_KS + admin@admin.com + admin + org.apache.cassandra.cql.jdbc.CassandraDriver + + + + + + WSO2AM_DB + The datasource used for API Manager database + + jdbc/WSO2AM_DB + + + + jdbc:h2:repository/database/WSO2AM_DB;DB_CLOSE_ON_EXIT=FALSE + wso2carbon + wso2carbon + org.h2.Driver + 50 + 60000 + true + SELECT 1 + 30000 + + + + + + JAGH2 + The datasource used for by the Jaggery Storage Manager + + jdbc/test + + + + jdbc:h2:~/test;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000 + sa + + org.h2.Driver + 50 + 60000 + + + + + diff --git a/modules/distribution/src/repository/conf/emm-config.xml b/modules/distribution/src/repository/conf/emm-config.xml new file mode 100644 index 0000000000..caf7817eba --- /dev/null +++ b/modules/distribution/src/repository/conf/emm-config.xml @@ -0,0 +1,51 @@ + + + + + + + 60000 + + + + https://192.168.1.2:9443/emm/scep + https://192.168.1.2:9443/emm/profile + https://192.168.1.2:9443/emm/checkin + https://192.168.1.2:9443/emm/server + + + http://192.168.1.2:9763/emm/api/devices/iostokenregister + + + + ${carbon.home}/repository/resources/security/wso2emm.jks + + JKS + + wso2carbon + + cacert + + cacert + + racert + + racert + + + + diff --git a/modules/distribution/src/repository/conf/entitlement.properties b/modules/distribution/src/repository/conf/entitlement.properties new file mode 100644 index 0000000000..41e11316e7 --- /dev/null +++ b/modules/distribution/src/repository/conf/entitlement.properties @@ -0,0 +1,43 @@ +PDP.Enable=true +PAP.Enable=true +PDP.DecisionCaching.Enable=true +#cache intervals are in seconds +PDP.DecisionCaching.CachingInterval=300 +PDP.AttributeCaching.Enable=true +PDP.AttributeCaching.CachingInterval=300 +PDP.ResourceCaching.Enable=true +PDP.ResourceCaching.CachingInterval=300 +PDP.SchemaValidation.Enable=true +PDP.Balana.Config.Enable=false +PDP.Multiple.Decision.Profile.Enable=true +PDP.Global.Policy.Combining.Algorithm=urn:oasis:names:tc:xacml:3.0:policy-combining-algorithm:deny-overrides +PAP.Policy.Add.Start.Enable=false +PAP.Items.Per.Page=10 + +#PDP.Extensions.Extension.1=your.extension.class.name + + +#PDP.Policy.Store=org.wso2.carbon.identity.entitlement.policy.store.CarbonRegistryPolicyStore + +PIP.AttributeDesignators.Designator.1=org.wso2.carbon.identity.entitlement.pip.DefaultAttributeFinder +PIP.ResourceFinders.Finder.1=org.wso2.carbon.identity.entitlement.pip.DefaultResourceFinder + +PAP.Entitlement.Data.Finder.1=org.wso2.carbon.identity.entitlement.pap.CarbonEntitlementDataFinder +PAP.Policy.Publisher.Module.1=org.wso2.carbon.identity.entitlement.policy.publisher.CarbonBasicPolicyPublisherModule +#PAP.Policy.Post.Publisher.Module.1= +#PAP.Policy.Publisher.Verification.Handler= +PAP.Policy.Version.Module=org.wso2.carbon.identity.entitlement.policy.version.DefaultPolicyVersionManager +PAP.Status.Data.Handler.1=org.wso2.carbon.identity.entitlement.SimplePAPStatusDataHandler + +PDP.Policy.Finder.1=org.wso2.carbon.identity.entitlement.policy.store.RegistryPolicyStoreManageModule +#PDP.Policy.Collection +PDP.Policy.Store.Module=org.wso2.carbon.identity.entitlement.policy.store.RegistryPolicyStoreManageModule +PDP.Policy.Data.Store.Module=org.wso2.carbon.identity.entitlement.policy.store.DefaultPolicyDataStore + +# Properties needed for each extension. +# org.wso2.carbon.identity.entitlement.pip.DefaultAttributeFinder.1=name,value +# org.wso2.carbon.identity.entitlement.pip.DefaultAttributeFinder.2=name,value +# org.wso2.carbon.identity.entitlement.pip.DefaultResourceFinder.1=name.value +# org.wso2.carbon.identity.entitlement.pip.DefaultResourceFinder.2=name,value +# org.wso2.carbon.identity.entitlement.policy.CarbonPolicyMetaDataFinder.1=name,value +# org.wso2.carbon.identity.entitlement.policy.CarbonPolicyMetaDataFinder.2=name,value diff --git a/modules/distribution/src/repository/conf/identity.xml b/modules/distribution/src/repository/conf/identity.xml new file mode 100755 index 0000000000..1539480614 --- /dev/null +++ b/modules/distribution/src/repository/conf/identity.xml @@ -0,0 +1,230 @@ + + + + + + https://localhost:9443/openidserver + + https://localhost:9443/openid/ + + false + + 7200 + + + + + jdbc/WSO2AM_DB + + + true + + + + + + ${carbon.home}/repository/resources/security/userRP.jks + + JKS + + wso2carbon + + wso2carbon + + + + ${carbon.home}/conf/keystores + + + + SelfAndManaged + CertValidate + + + + + + + + + + https://10.100.5.3:9443/oauth/request-token + https://10.100.5.3:9443/oauth/access-token + https://10.100.5.3:9443/oauth/authorize-url + + 300 + + 3600 + + 3600 + + 3600 + + 300 + + true + + + org.wso2.carbon.identity.oauth.tokenprocessor.PlainTextPersistenceProcessor + + + org.wso2.carbon.identity.oauth2.token.handlers.clientauth.BasicAuthClientAuthHandler + + + + + + token + org.wso2.carbon.identity.oauth2.authz.handlers.TokenResponseTypeHandler + + + code + org.wso2.carbon.identity.oauth2.authz.handlers.CodeResponseTypeHandler + + + + + + authorization_code + org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationCodeGrantHandler + + + password + org.wso2.carbon.apimgt.keymgt.handlers.ExtendedPasswordGrantHandler + + + refresh_token + org.wso2.carbon.identity.oauth2.token.handlers.grant.RefreshGrantHandler + + + client_credentials + org.wso2.carbon.identity.oauth2.token.handlers.grant.ClientCredentialsGrantHandler + + + urn:ietf:params:oauth:grant-type:saml2-bearer + org.wso2.carbon.identity.oauth2.token.handlers.grant.saml.SAML2BearerGrantHandler + + + + + + + + + + + + + + + false + + + + false + + + + + + false + org.wso2.carbon.identity.oauth2.authcontext.JWTTokenGenerator + org.wso2.carbon.identity.oauth2.authcontext.DefaultClaimsRetriever + http://wso2.org/claims + SHA256withRSA + 15 + + + + + + + + + + + + + + gtalk + talk.google.com + 5222 + gmail.com + multifactor1@gmail.com + wso2carbon + + + + + + https://localhost:9443/samlsso + + + + + + + true + 36000 + + + true + + + true + ${Ports.ThriftEntitlementReceivePort} + 10000 + + ${carbon.home}/repository/resources/security/wso2carbon.jks + wso2carbon + + + + + + false + diff --git a/modules/distribution/src/repository/conf/log4j.properties b/modules/distribution/src/repository/conf/log4j.properties new file mode 100644 index 0000000000..70f371f819 --- /dev/null +++ b/modules/distribution/src/repository/conf/log4j.properties @@ -0,0 +1,164 @@ +# +# Copyright 2009 WSO2, Inc. (http://wso2.com) +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# +# This is the log4j configuration file used by WSO2 Carbon +# +# IMPORTANT : Please do not remove or change the names of any +# of the Appenders defined here. The layout pattern & log file +# can be changed using the WSO2 Carbon Management Console, and those +# settings will override the settings in this file. +# + +log4j.rootLogger=INFO, CARBON_CONSOLE, CARBON_LOGFILE, CARBON_MEMORY, CARBON_SYS_LOG + +log4j.logger.AUDIT_LOG=INFO, AUDIT_LOGFILE +log4j.logger.org.apache.axis2.wsdl.codegen.writer.PrettyPrinter=ERROR, CARBON_LOGFILE, CARBON_MEMORY +log4j.logger.org.apache.axis2.clustering=INFO, CARBON_CONSOLE, CARBON_LOGFILE +log4j.logger.org.apache=INFO, CARBON_LOGFILE, CARBON_MEMORY +log4j.logger.org.apache.catalina=WARN +log4j.logger.org.apache.tomcat=WARN +log4j.logger.org.wso2.carbon.apacheds=WARN +log4j.logger.org.apache.directory.server.ldap=WARN +log4j.logger.org.apache.directory.server.core.event=WARN +log4j.logger.com.atomikos=INFO,ATOMIKOS +log4j.logger.org.quartz=WARN +log4j.logger.org.apache.jackrabbit.webdav=WARN +log4j.logger.org.apache.juddi=ERROR +log4j.logger.org.apache.commons.digester.Digester=WARN +log4j.logger.org.apache.jasper.compiler.TldLocationsCache=WARN +log4j.logger.org.apache.qpid=WARN +log4j.logger.org.apache.qpid.server.Main=INFO +log4j.logger.qpid.message=WARN +log4j.logger.qpid.message.broker.listening=INFO +log4j.logger.org.apache.tiles=WARN +log4j.logger.org.apache.commons.httpclient=ERROR +log4j.logger.org.apache.coyote=WARN +log4j.logger.org.apache.solr=ERROR +log4j.logger.org.infinispan=WARN +log4j.logger.org.jgroups=ERROR +log4j.logger.me.prettyprint.cassandra.hector.TimingLogger=ERROR +log4j.logger.org.wso2=INFO +log4j.logger.org.apache.axis2.enterprise=FATAL, CARBON_LOGFILE, CARBON_MEMORY +log4j.logger.org.opensaml.xml=WARN, CARBON_LOGFILE, CARBON_MEMORY +log4j.logger.org.apache.directory.shared.ldap=WARN, CARBON_LOGFILE, CARBON_MEMORY +log4j.logger.org.apache.directory.server.ldap.handlers=WARN, CARBON_LOGFILE, CARBON_MEMORY +#Following are to remove false error messages from startup (IS) +log4j.logger.org.apache.directory.shared.ldap.entry.DefaultServerAttribute=FATAL, CARBON_LOGFILE, CARBON_MEMORY +log4j.logger.org.apache.directory.server.core.DefaultDirectoryService=ERROR, CARBON_LOGFILE, CARBON_MEMORY +log4j.logger.org.apache.directory.shared.ldap.ldif.LdifReader=ERROR, CARBON_LOGFILE, CARBON_MEMORY +log4j.logger.org.apache.directory.server.ldap.LdapProtocolHandler=ERROR, CARBON_LOGFILE, CARBON_MEMORY +log4j.logger.org.apache.directory.server.core=ERROR, CARBON_LOGFILE, CARBON_MEMORY +#Hive Related Log configurations +log4j.logger.DataNucleus=ERROR +log4j.logger.Datastore=ERROR +log4j.logger.Datastore.Schema=ERROR +log4j.logger.JPOX.Datastore=ERROR +log4j.logger.JPOX.Plugin=ERROR +log4j.logger.JPOX.MetaData=ERROR +log4j.logger.JPOX.Query=ERROR +log4j.logger.JPOX.General=ERROR +log4j.logger.JPOX.Enhancer=ERROR +log4j.logger.org.apache.hadoop.hive=WARN +log4j.logger.hive=WARN +log4j.logger.ExecMapper=WARN +log4j.logger.ExecReducer=WARN +log4j.logger.net.sf.ehcache=ERROR + +log4j.logger.trace.messages=TRACE,CARBON_TRACE_LOGFILE + +log4j.additivity.org.apache.axis2.clustering=false +log4j.additivity.com.atomikos=false + +# CARBON_CONSOLE is set to be a ConsoleAppender using a PatternLayout. +log4j.appender.CARBON_CONSOLE=org.apache.log4j.ConsoleAppender +log4j.appender.CARBON_CONSOLE.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout +# ConversionPattern will be overridden by the configuration setting in the DB +log4j.appender.CARBON_CONSOLE.layout.ConversionPattern=[%d] %P%5p {%c} - %x %m%n +log4j.appender.CARBON_CONSOLE.layout.TenantPattern=%U%@%D[%T] +log4j.appender.CARBON_CONSOLE.threshold=DEBUG + +# CARBON_MEMORY is set to be a MemoryAppender using a PatternLayout. +log4j.appender.CARBON_MEMORY=org.wso2.carbon.logging.appenders.MemoryAppender +log4j.appender.CARBON_MEMORY.layout=org.apache.log4j.PatternLayout +log4j.appender.CARBON_MEMORY.bufferSize=200 +# ConversionPattern will be overridden by the configuration setting in the DB +#log4j.appender.CARBON_MEMORY.layout.ConversionPattern=[%d] %5p - %x %m {%c}%n +log4j.appender.CARBON_MEMORY.layout.ConversionPattern=[%d] %5p {%c} - %x %m%n +log4j.appender.CARBON_MEMORY.threshold=DEBUG + + +# CARBON_LOGFILE is set to be a DailyRollingFileAppender using a PatternLayout. +log4j.appender.CARBON_LOGFILE=org.apache.log4j.DailyRollingFileAppender +# Log file will be overridden by the configuration setting in the DB +# This path should be relative to WSO2 Carbon Home +log4j.appender.CARBON_LOGFILE.File=${carbon.home}/repository/logs/${instance.log}/wso2carbon${instance.log}.log +log4j.appender.CARBON_LOGFILE.Append=true +log4j.appender.CARBON_LOGFILE.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout +# ConversionPattern will be overridden by the configuration setting in the DB +log4j.appender.CARBON_LOGFILE.layout.ConversionPattern=TID: [%T] [%S] [%d] %P%5p {%c} - %x %m {%c}%n +log4j.appender.CARBON_LOGFILE.layout.TenantPattern=%U%@%D [%T] [%S] +log4j.appender.CARBON_LOGFILE.threshold=DEBUG + +log4j.appender.CARBON_SYS_LOG = org.apache.log4j.net.SyslogAppender +log4j.appender.CARBON_SYS_LOG.layout=org.apache.log4j.PatternLayout +log4j.appender.CARBON_SYS_LOG.layout.ConversionPattern=[%d] %5p {%c} - %x %m {%c}%n +log4j.appender.CARBON_SYS_LOG.SyslogHost=localhost +log4j.appender.CARBON_SYS_LOG.Facility=USER +log4j.appender.CARBON_SYS_LOG.threshold=DEBUG + +# LOGEVENT is set to be a LogEventAppender using a PatternLayout to send logs to LOGEVENT +log4j.appender.LOGEVENT=org.wso2.carbon.logging.appender.LogEventAppender +log4j.appender.LOGEVENT.url=tcp://10.100.3.103:7611 +log4j.appender.LOGEVENT.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout +log4j.appender.LOGEVENT.columnList=%T,%S,%A,%d,%c,%p,%m,%H,%I,%Stacktrace +log4j.appender.LOGEVENT.userName=admin +log4j.appender.LOGEVENT.password=admin + +# Appender config to CARBON_TRACE_LOGFILE +log4j.appender.CARBON_TRACE_LOGFILE=org.apache.log4j.DailyRollingFileAppender +log4j.appender.CARBON_TRACE_LOGFILE.File=${carbon.home}/repository/logs/${instance.log}/wso2carbon-trace-messages${instance.log}.log +log4j.appender.CARBON_TRACE_LOGFILE.Append=true +log4j.appender.CARBON_TRACE_LOGFILE.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout +log4j.appender.CARBON_TRACE_LOGFILE.layout.ConversionPattern=[%d] %P%5p {%c} - %x %m {%c}%n +log4j.appender.CARBON_TRACE_LOGFILE.layout.TenantPattern=%U%@%D [%T] [%S] +log4j.appender.CARBON_TRACE_LOGFILE.threshold=TRACE +log4j.additivity.trace.messages=false + +# Appender config to AUDIT_LOGFILE +log4j.appender.AUDIT_LOGFILE=org.apache.log4j.DailyRollingFileAppender +log4j.appender.AUDIT_LOGFILE.File=${carbon.home}/repository/logs/audit.log +log4j.appender.AUDIT_LOGFILE.Append=true +log4j.appender.AUDIT_LOGFILE.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout +log4j.appender.AUDIT_LOGFILE.layout.ConversionPattern=[%d] %P%5p - %x %m %n +log4j.appender.AUDIT_LOGFILE.layout.TenantPattern=%U%@%D [%T] [%S] +log4j.appender.AUDIT_LOGFILE.threshold=INFO +log4j.additivity.AUDIT_LOG=false + +# Appender config to send Atomikos transaction logs to new log file tm.out. +log4j.appender.ATOMIKOS = org.apache.log4j.RollingFileAppender +log4j.appender.ATOMIKOS.File = repository/logs/tm.out +log4j.appender.ATOMIKOS.Append = true +log4j.appender.ATOMIKOS.layout = org.apache.log4j.PatternLayout +log4j.appender.ATOMIKOS.layout.ConversionPattern=%p %t %c - %m%n + +# This file is used to override the default logger settings, and is used to remove unwanted logs from Shindig appearing on the console. + +# Specification of Handler used by Console Logger +handlers=java.util.logging.ConsoleHandler + +# Replacing default INFO level with SEVERE +java.util.logging.ConsoleHandler.level=SEVERE diff --git a/modules/distribution/src/repository/conf/multitenancy/cloud-services-desc.xml b/modules/distribution/src/repository/conf/multitenancy/cloud-services-desc.xml new file mode 100644 index 0000000000..43da09023e --- /dev/null +++ b/modules/distribution/src/repository/conf/multitenancy/cloud-services-desc.xml @@ -0,0 +1,186 @@ + + + + SCC + + https://scc.cloud.wso2.com + + http://wso2.com/cloud/stratos + WSO2 stratos controller. + + + CC + + https://cc.cloud.wso2.com + + http://wso2.com/cloud/stratos + WSO2 Cloud Controller. + + + Agent + + https://cc.cloud.wso2.com + + http://wso2.com/cloud/stratos + WSO2 Stratos Agent. + + + ESB + + https://esb.cloud.wso2.com + + https://localhost:9443/cloud-services-icons/esb.gif + + http://wso2.com/products/enterprise-service-bus/ + Enterprise Service Bus in the cloud. + + + AS + + https://appserver.cloud.wso2.com + + https://localhost:9443/cloud-services-icons/appserver.gif + + http://wso2.com/products/application-server/ + Application Server in the cloud. + + + DSS + + https://dss.cloud.wso2.com + + https://localhost:9443/cloud-services-icons/ds.gif + + http://wso2.com/products/data-services-server/ + Data Services Server in the cloud. + + + Greg + + https://governance.cloud.wso2.com + Governance in the cloud. + + https://localhost:9443/cloud-services-icons/governance.gif + + http://wso2.com/products/governance-registry/ + + + IS + + https://identity.cloud.wso2.com + + https://localhost:9443/cloud-services-icons/identity.gif + + Identity in the cloud. + http://wso2.com/products/identity-server/ + + + + https://bam.cloud.wso2.com + + https://localhost:9443/cloud-services-icons/bam.gif + + Business Activity Monitor in the cloud. + http://wso2.com/products/business-activity-monitor/ + + + BPS + + https://bps.cloud.wso2.com + + https://localhost:9443/cloud-services-icons/bps.gif + + Business Process Server in the cloud. + http://wso2.com/products/business-process-server/ + + + BRS + + https://brs.cloud.wso2.com + + https://localhost:9443/cloud-services-icons/brs.gif + + Business Rules Server in the cloud. + http://wso2.com/products/business-rules-server/ + + + MB + + https://mashup.cloud.wso2.com + + https://localhost:9443/cloud-services-icons/mashup.gif + + Mashup Server in the cloud. + http://wso2.com/products/mashup-server/ + + + GS + + https://gadget.cloud.wso2.com + + https://localhost:9443/cloud-services-icons/gadget.gif + + Gadgets in the cloud. + http://wso2.com/products/gadget-server/ + + + CG + + https://cg.stratoslive.wso2.com + + https://localhost:9443/cloud-services-icons/csg.gif + + Cloud Gateway in the cloud. + http://wso2.com/products/cloud-services-gateway/ + + + CEP + + https://cep.cloud.wso2.com + + https://localhost:9443/cloud-services-icons/cep.gif + + http://wso2.com/products/complex-event-processing-server/ + Complex Event Processor in the cloud. + + + MB + + https://mb.cloud.wso2.com + + https://localhost:9443/cloud-services-icons/mb.gif + + http://wso2.com/products/message-broker/ + Message Broker in the cloud. + + + SS + + https://ss.stratoslive.wso2.com + + https://localhost:9443/cloud-services-icons/ss.gif + + WSO2 Storage Server. + http://wso2.com/products/storage-server/ + + + ES + + https://es.stratoslive.wso2.com + + https://localhost:9443/cloud-services-icons/ss.gif + + WSO2 Enterprise Store. + http://wso2.com/products/storage-server/ + + \ No newline at end of file diff --git a/modules/distribution/src/repository/conf/registry.xml b/modules/distribution/src/repository/conf/registry.xml new file mode 100755 index 0000000000..ee8ae46bf9 --- /dev/null +++ b/modules/distribution/src/repository/conf/registry.xml @@ -0,0 +1,195 @@ + + + + + + + + wso2registry + false + true + / + + + jdbc/WSO2CarbonDB + + + + + + + + + + +application/xacml-policy+xml + + + + + + + + + + + + + + + + 30 + 5 + + 50 + + 50 + + /_system/local/repository/components/org.wso2.carbon.registry/indexing/lastaccesstime + + + + + + + + + + + + true + + + + true + true + true + true + + diff --git a/modules/distribution/src/repository/conf/shindig.properties b/modules/distribution/src/repository/conf/shindig.properties new file mode 100644 index 0000000000..89be04b9db --- /dev/null +++ b/modules/distribution/src/repository/conf/shindig.properties @@ -0,0 +1,215 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +# Location of feature manifests (comma separated) +shindig.features.default=res://features/features.txt + +# Location of container configurations (comma separated) +shindig.containers.default=res://containers/default/container.js + +### Inbound OAuth support +# The URL base to use for full OAuth support (three-legged) +shindig.oauth.base-url=/oauth +shindig.oauth.authorize-action=/WEB-INF/authorize.jsp +# The range to the past and future of timestamp for OAuth token validation. Default to 5 minutes +shindig.oauth.validator-max-timestamp-age-ms=300000 + +### Outbound OAuth support +shindig.signing.state-key= +shindig.signing.key-name= +shindig.signing.key-file= +shindig.signing.global-callback-url=http://%authority%%contextRoot%/gadgets/oauthcallback +shindig.signing.enable-signed-callbacks=true + +### If a OAuth2Client does not specify a redirect uri it will default here +shindig.oauth2.global-redirect-uri=http://%authority%%contextRoot%/gadgets/oauth2callback +### Setting to true will cause the registered OAuth2Persistence plugin to load it's values +### with what's in config/oauth2.json, no meaning without a second persistence implementation. +shindig.oauth2.import=false +### Determines if the import will start by removing everything currently in persistence. +shindig.oauth2.import.clean=false +# Set to true if you want to allow the use of 3-party (authorization_code) OAuth 2.0 flow when viewer != owner. +# This setting is not recommeneded for pages that allow user-controlled javascript, since +# that javascript could be used to make unauthorized requests on behalf of the viewer of the page +shindig.oauth2.viewer-access-tokens-enabled=true +# Set to true to send extended trace messages to the client. Probably want this to be false for +# production systems and true for test/development. +shindig.oauth2.send-trace-to-client=true +shindig.signing.oauth2.state-key= + +# Set to true if you want to allow the use of 3-legged OAuth tokens when viewer != owner. +# This setting is not recommeneded for pages that allow user-controlled javascript, since +# that javascript could be used to make unauthorized requests on behalf of the viewer of the page +shindig.signing.viewer-access-tokens-enabled=false + +# If enabled here, configuration values can be found in container configuration files. +shindig.locked-domain.enabled=false + +# TODO: This needs to be moved to container configuration. +shindig.content-rewrite.only-allow-excludes=false +shindig.content-rewrite.include-urls=.* +shindig.content-rewrite.exclude-urls= +shindig.content-rewrite.include-tags=body,embed,img,input,link,script,style +shindig.content-rewrite.expires=86400 +shindig.content-rewrite.enable-split-js-concat=true +shindig.content-rewrite.enable-single-resource-concat=false + +# +# Default set of forced libs to allow for better caching +# +# NOTE: setting this causes the EndToEnd test to fail the opensocial-templates test +shindig.gadget-rewrite.default-forced-libs=core:rpc +#shindig.gadget-rewrite.default-forced-libs= + +# +# Allow supported JavaScript features required by a gadget to be externalized on demand +shindig.gadget-rewrite.externalize-feature-libs=true + +# Configuration for image rewriter +shindig.image-rewrite.max-inmem-bytes = 1048576 +shindig.image-rewrite.max-palette-size = 256 +shindig.image-rewrite.allow-jpeg-conversion = true +shindig.image-rewrite.jpeg-compression = 0.90 +shindig.image-rewrite.min-threshold-bytes = 200 +shindig.image-rewrite.jpeg-retain-subsampling = false +# Huffman optimization reduces the images size by addition 4-6% without +# any loss in the quality of the image, but takes extra cpu cycles for +# computing the optimized huffman tables. +shindig.image-rewrite.jpeg-huffman-optimization = false + +# Configuration for the os:Flash tag +shindig.flash.min-version = 9.0.115 + +# Configuration for template rewriter +shindig.template-rewrite.extension-tag-namespace=http://ns.opensocial.org/2009/extensions + +# These values provide default TTLs (in ms) for HTTP responses that don't use caching headers. +shindig.cache.http.defaultTtl=3600000 +shindig.cache.http.negativeCacheTtl=60000 + +# Amount of time after which the entry in cache should be considered for a refetch for a +# non-userfacing internal fetch when the response is strict-no-cache. +shindig.cache.http.strict-no-cache-resource.refetch-after-ms=-1 + +# A default refresh interval for XML files, since there is no natural way for developers to +# specify this value, and most HTTP responses don't include good cache control headers. +shindig.cache.xml.refreshInterval=300000 + +# Add entries in the form shindig.cache.lru..capacity to specify capacities for different +# caches when using the LruCacheProvider. +# It is highly recommended that the EhCache implementation be used instead of the LRU cache. +shindig.cache.lru.default.capacity=1000 +shindig.cache.lru.expressions.capacity=1000 +shindig.cache.lru.gadgetSpecs.capacity=1000 +shindig.cache.lru.messageBundles.capacity=1000 +shindig.cache.lru.httpResponses.capacity=10000 + +# The location of the EhCache configuration file. +shindig.cache.ehcache.config=res://org/apache/shindig/common/cache/ehcache/ehcacheConfig.xml + +# The location of the filter file for EhCache's SizeOfEngine +# This gets set as a system property to be consumed by EhCache. +# Can be a resource on the classpath or a path on the file system. +shindig.cache.ehcache.sizeof.filter=res://org/apache/shindig/common/cache/ehcache/SizeOfFilter.txt + +# true to enable JMX integration. +shindig.cache.ehcache.jmx.enabled=true + +# true to enable JMX stats. +shindig.cache.ehcache.jmx.stats=true + +# true to skip expensive encoding detection. +# if true, will only attempt to validate utf-8. Assumes all other encodings are ISO-8859-1. +shindig.http.fast-encoding-detection=true + +# Configuration for the HttpFetcher +# Connection timeout, in milliseconds, for requests. +shindig.http.client.connection-timeout-ms=5000 + +# Maximum size, in bytes, of the object we fetched, 0 == no limit +shindig.http.client.max-object-size-bytes=0 + +# Strict-mode parsing for proxy and concat URIs ensures that the authority/host and path +# for the URIs match precisely what is found in the container config for it. This is +# useful where statistics and traffic routing patterns, typically in large installations, +# key on hostname (and occasionally path). Enforcing this does come at the cost that +# mismatches break, which in turn mandates that URI generation always happen in consistent +# fashion, ie. by the class itself or tightly controlled code. +shindig.uri.proxy.use-strict-parsing=false +shindig.uri.concat.use-strict-parsing=false + +# Host:port of the proxy to use while fetching urls. Leave blank if proxy is +# not to be used. +org.apache.shindig.gadgets.http.basicHttpFetcherProxy= + +org.apache.shindig.serviceExpirationDurationMinutes=60 + +# +# Older versions of shindig used 'data' in the json-rpc response format +# The spec calls for using 'result' instead, however to avoid breakage we +# allow you to set it back to the old way here +# +# valid values are +# result - new form +# data - old broken form +# both - return both fields for full compatibility +# +shindig.json-rpc.result-field=result + +# Remap "Internal server error"s received from the basicHttpFetcherProxy server to +# "Bad Gateway error"s, so that it is clear to the user that the proxy server is +# the one that threw the exception. +shindig.accelerate.remapInternalServerError=true +shindig.proxy.remapInternalServerError=true + +# Add debug data when using VanillaCajaHtmlParser. +vanillaCajaParser.needsDebugData=true + +# Allow non-SSL OAuth 2.0 bearer tokens +org.apache.shindig.auth.oauth2-require-ssl=false + +# Set gadget param in proxied uri as authority if this is true +org.apache.shindig.gadgets.uri.setAuthorityAsGadgetParam=false + +# Maximum Get Url size limit +org.apache.shindig.gadgets.uri.urlMaxLength=2048 + +# Default cachettl value for versioned url in seconds. Here default value is 1 year. +org.apache.shindig.gadgets.servlet.longLivedRefreshSec=31536000 + +# Closure compiler optimization level. One of advanced|simple|whitespace_only|none. +# Defaults to simple. +shindig.closure.compile.level=simple + +# Size of the compiler thread pool +shindig.closure.compile.threadPoolSize=5 + +# OAuth 2.0 authorization code, access token, and refresh token expiration times. +# 5 * 60 * 1000 = 300000 = 5 minutes +# 5 * 60 * 60 * 1000 = 18000000 = 5 hours +# 5 * 60 * 60 * 1000 * 24 = 432000000 = 5 days +shindig.oauth2.authCodeExpiration=300000 +shindig.oauth2.accessTokenExpiration=18000000 +shindig.oauth2.refreshTokenExpiration=432000000 + +# Allows unauthenticated requests to Shindig +shindig.allowUnauthenticated=true + +# Comma separated tags that need to have its relative path to be resolved as absolute. +# Possible values are RESOURCES and HYPERLINKS +shindig.gadgets.rewriter.absolutePath.tags=RESOURCES +shindig.urlgen.use-templates-default=false diff --git a/modules/distribution/src/repository/conf/sso-idp-config.xml b/modules/distribution/src/repository/conf/sso-idp-config.xml new file mode 100755 index 0000000000..99f61be9eb --- /dev/null +++ b/modules/distribution/src/repository/conf/sso-idp-config.xml @@ -0,0 +1,52 @@ + + + https://stratos-local.wso2.com/carbon/tenant-register/select_domain.jsp + + + store + https://localhost:9443/store/acs + true + /store/login.jag + + + social + https://localhost:9443/social/acs + true + /social/login + + + publisher + https://localhost:9443/publisher/acs + true + /publisher/controllers/login.jag + + + emm + https://localhost:9443/emm/acs + true + /emm/login + + + mam + https://localhost:9443/mam/acs + true + /mam/login + + + diff --git a/modules/distribution/src/repository/conf/tomcat/context.xml b/modules/distribution/src/repository/conf/tomcat/context.xml new file mode 100644 index 0000000000..33db120fec --- /dev/null +++ b/modules/distribution/src/repository/conf/tomcat/context.xml @@ -0,0 +1,38 @@ + + + + + + + + + + + + + + + + + + diff --git a/modules/distribution/src/repository/conf/trusted-idp-config.xml b/modules/distribution/src/repository/conf/trusted-idp-config.xml new file mode 100644 index 0000000000..a69f282d43 --- /dev/null +++ b/modules/distribution/src/repository/conf/trusted-idp-config.xml @@ -0,0 +1,21 @@ + + + + + + + + + jdbc/WSO2CarbonDB + + + diff --git a/modules/distribution/src/repository/conf/user-mgt.xml b/modules/distribution/src/repository/conf/user-mgt.xml new file mode 100644 index 0000000000..cb059ab060 --- /dev/null +++ b/modules/distribution/src/repository/conf/user-mgt.xml @@ -0,0 +1,343 @@ + + + + + + true + admin + + admin@admin.com + admin + + everyone + jdbc/WSO2CarbonDB + + + + + + + org.wso2.carbon.user.core.tenant.JDBCTenantManager + false + 100 + false + default + SHA-256 + true + true + true + false + ^[\S]{5,30}$ + ^[\S]{5,30}$ + ^[^~!#$;%^*+={}\\|\\\\<>,\'\"]{3,30}$ + ^[\S]{3,30}$ + ^[^~!#$;%^*+={}\\|\\\\<>,\'\"]{3,30}$ + ^[\S]{3,30}$ + true + 100 + 100 + false + false + + + + + + + + + + + + + + + + + + + /permission + true + + + + + diff --git a/modules/distribution/src/repository/conf/wso2emm.jks b/modules/distribution/src/repository/conf/wso2emm.jks new file mode 100644 index 0000000000000000000000000000000000000000..ab02772790f6bcd11ff0b2dfa0c7b1d6981c7cb4 GIT binary patch literal 3180 zcmeH|c{J4h9>-@h#u^PX7llD~p5F{+2p7#1*_W}Wv4?rG&t#23gh(s0R6|HeYLKO* zsHdh)gsf%X*TiG#PTl9++v(hM&pqefbN_n&_@3|id_I4C-rw){^?iSK=62>lAQ0q_ z1qQ)GJ-mEE!$BbMAq^wRYEG#ENPyG=f^c3HI2Z<2h6sbfTp(BigsJO9jyWC4JjQRi zuTJ%nr=@5!#BJSjmHTNGK1A2hh&OAlPdfCB!G;$Xl0>>LOCdTf21VhQ@W%(%0 z+{VLEF9S}Z0_1WHOi0Z%)sn2pDp110Hb#bMsf8*DHs-^eoClF?oG&0!p(|4EbnQy} zR&^#Xb)v{Im=(9fboBG@lr)ON4}a41Sd^o*9k`XG#(L8=@UHy>%_{DIqav%1+HY_{ zfQM%CWVys*Ui{M=+s$l2GvN^juhfan{OD#&v1kc-dU|2Oro&WIxVLvkC55meYVAMW z1baOCM&&kQw1BpJkzZ?mzwa@O+Elato-B`5w)Dm2XM(zit>!_seP_ro)n5)2&5V;Z zm6ms9=@5-kk)4GX2F{erT@Y~Rg%7#Z$-Rcls22#25TokIhdVz9m=6tC9_gT4wlpY% z&zd+mdn>7;Y66AIpQfl_X7OYnri8YIUg5CXeHjl=mYDOAJcJ7nA=Y{hpDr3X=-w-v zcO1nmkdJG5+{>QxGJkM(Bl>W|g7NGGdMIkWuAHeqeu_S+F}RkbIz%1nN5>2y{FK&pRXIQ z;bO{bHwKtoX_Zzj`s{f!^*G7)_9nY;w)0x2x|A2qTQMfD z`GEv5?HUvUhCsmHfB>9FIoTxnivR~{E)ZaW6#)3)PH&vM^gMz}PiAK_jIvO4XZ>$HPhSdN()iiOQ+G?Jj-gq?vPTQB@h1J#|c=;*;l4t== z9S>*&cpQMmxo|?wA3{L>=XRn1^6%~Vzqhj^9<-LWH3Aq{e-z63d{9OP2w#qNnunhioymsGS0vZu7T@_rcymAzK40 z0;10LeuI-%BDHC6<(1)kDW@$O5EarTHz*V@=e{RJw-lCP#P~FOX%R8Q8HwrG0fI;i z{=qq>mYq>&p@M;%%5JAbYjMzh2SG;&6bu3v$pRQ)7f1SDBpCb^#sxq*8^#K$;iOA{=&HxWasnIQ@38SaP_hB2SYg=!GooQy5k;G4W1|e5SSp`-abYnwBbSO!z zgYR$*dgi&3gN{QrrKUtQDgr9B5A^ZHSz>v+3Gz~sE^h^W8uSk|2plvtIB4Ymfd=>| zwf}E4{>LQ#JA&Am^Q~2n%zYPX>@(6N8cHjih0XInZNKT#H4qEl?a>|kFr9Aeil!4K zr$FWz9^5MycE?fbr|RWxxEcek)gI#HCb^E_rwNinPM3>AI+X3CM$G9q6(k*=A}QQx z_;Y35*`s_1my~+fgIGpB!}{orKDSNfrPA&hQvPI1!M^{LAaL?eZ}N>Gg#bs{$R!ea zI@f^os{!IPW##lDGpqEic#qS8(%%>1CzILZ1@h!q>|O!t40ge;Kxl zKlJQK^^3x;^Y`I|g-9IiVLw4A@I15Z@k3X!sli4>E@?*QPJv;1LLAr>%9BXRi&ff1 zJ8un3l&!Witjfq+<#F9{=BP+_W6zf5r9brtb0L@iH!{vrPW%knKr&lXdx;(6CWA(Tp= ztT1A&$-Gx8`l z6nD3(TO-@|9LJZ&zTQi#;x5h&TiK=r$QmpV^|w|;>pt5}zwg^C*d09F0f?Z}{u1hl z>W4&Nsw@v~yQ)RJGrDIRlxvktY#J2tM0v=h?>W(}X`j17$QjjFFXz6w$S0PItuQq? z!h^`PExYZ;?2k+K+X!){&)cT7A-lUu@PmtCEMl1~Gr;$V%+h?XA3RjcLs`PRse9Tq zzNT@_fnRrkYdEkd!VKR5JH60sYC2QWbC=-q_Bpz}XLN`6rbu&>ewxB_X+(?tsiExG zxtp;$$;@NL8y_y*pbZ4MKOILI1_?B$^9-zxt6Y-VJ*yK(=p(1NES{Pgjeh;vtIi8* zuT+z+XD>p=?&$PzFMWxCXSAH@l)X`|h1<{FXcnn^hVs6Ib$9Lq{IWL}>Xntxym_H0 z)ZLf+_J+m&T}?^#v(TA&43w!AV|>@_e9lh8`IthvPz+0>T0S#>fEuX^j7cF%CMs WTu-<|bB(W<&GwyPi{a7_c>E3HRNo~4 literal 0 HcmV?d00001 diff --git a/modules/distribution/src/repository/conf/wso2permission.jks b/modules/distribution/src/repository/conf/wso2permission.jks new file mode 100644 index 0000000000000000000000000000000000000000..9d5de8f1079b8bbabae2a0ffe7cff29669a9742a GIT binary patch literal 46409 zcmd_T2X|b@l`aaPku%W9L}+A?Ab@UUfXGB3NMwK@2qFWGKmy&!IXG!7+haLuENg68 zwk25(vMkSNY-wifwPZ=8a-QwE$E1Wu~|JSeo`F}a!;^N{4O4Y)kl?8k5=++Ek<()quxf}bHfXhQ?`jkyUh}84rHR2(W}!sytp`RbsXhqbZ@cStd64$M&I2W zn@y1c=3+~(#bU`d7v~lCMg`^O7U!Bvatl<#pDrs>0Q<|s)x*Ug+gw<90Lu+<0R_JI z7`XRoN!gYFd@gk6KR@vg>yQFKuYYx?BM#xn!mD3D)eC`xolSHiT zdATBaA~+ASCHF~!aMLA(YL|186o_D@s{EKCtR@6vlQ&pzDcB6C7SsY-2L12Pe)q0; zgi9c2{O4W&9D(>NUjQp|Gq}3A?k^Q+iKA3_e!*}U!n|;>q;qA=nCB!|OAT1{Yu{(- z`T8}2H#UJ~fSeIN(&bsST(^O=qb(zYd3`*YGZJ3-e451bBsh!UyvYXMr>X>EAnz17 z18RNc5%5WO-sCEXy8`V65`v#@?E+^t#Fe&I%`!Ze56*(4StON#iJe((i}Onhi=)$1 zkVc1LX9?H_RB#uEow*~z8`Z;ZL=0}OZf@?ys=#hom`b&r?Cxx*CCnTucIQ_o7tgj? z7cHmE^-T2(t6W)G$yV9omYkDX-Ud%r4>sDy?KvmgI!#lyQTzOCwrOO|G;bZxHcd~> zOf4=T7#_*Cq?(hpGZ|wuMvs~-B_$;$rwf^yxUY50l4rJXH-qt*^H#Z-=_Gv4)cDls z@Zyx+W~yFVoV3qREv}j4BLhlGEN0ktNp60gxi>PvqM`+i{>9xds+m>4&z&CXKB%h$ zmdN*il5U4Y)sF_%fvAK!S|QPrfTcA(wOyCa85+j)$Pqf2oubtS1Vx}weT#8RM1M06 zEdkMj1m^cXEdsUq>gP_J(6=lehgfM*wgcHlSLD@v=6H8QlzRu{z+f<7R08n#{~Ao$ zWb1$=ySXa;XY<4A*TN7_pCQPn7y)X~{{QyYFaHwr|NEou4*mvfP5* zQ_M*?D2R6LWQa`4H9L$^vrVmej|*bSyLy@vcyzLRl$niya>7Tcn*bfR-~xhYzqzQ# zo6K=MF3>%~{T7b#=P^ci53|8lQ-|n1y^$@iY8Q8Zv+oi2?)+@C!A*0j`z*|FSkpQ~k{h>4AIJNY z`r2QYhqgrnI4Y#SZ|dbAzxLQgDqg~QFxEZ&fT@0_q4M?HRJW8pNr69t$RO%EkSf7T zpJ7X|Ir`G~*aiU?*kK#1a#w8_Be8WWvQ4!sN6Xp}rwXpBZq*D8Ku~vXU|XbT@1qX@ zin`2fGF=;TRcDZ$-?6D-@HpCJYv05HJy$5SYKUCgn_u`<-*b1-vcf^GC9B!ZK@+pH zkbz(}q(EnL*GwkDfPROSN;-HquQw>sxZvSJNXOI5z>jhW7BaT@{G$sHVwJNQrV{}o zK`gi`?-PNNQoBGO4@^lgM>kXgnv=K>Z+4CiFL3@`+M0`q99`s@GhY9Z8ayDX&HxAD z>f$uiLX-tM%-mr(2+pe2!az^oOix#L*JExWu22z{Fw@`t9@t_CSZrPlYljXBNb%WR zoudy0O1&?fXC8p?%z!yl3G>Wa1l*`Ug02qsMBaJ$h@RpNDX&G3LO88QuKtSdNcBw? zA+nSK&nWKWB@y9)p-Y1%pDsj{W_m}m!1ESWxv6X-Y3#~fa>&>=%Wfy5l%u9%5cTc+ z$h%+Tfou!buRR1#N4yCVa2xQ(U29er4RAtLyDgFGBVhXhuuj)9z>1kM;Dvi!)9JW* z2(L!-VV~~xI~F`bQ=_xWFR{$$c*kBIXO<9H?fJzlqGRs9yJmp6DhXBOu{`;}I+35HU*WdakE+(&fre zsH!9_fb$2G`v?_OoIO_lymEiTiqlcprQ$b^Q3sdbj@y;iap5g!8Boxjb3Tqlz?4$lTD~ZVx>rj4|MSS*5L{Tsz`6wBt;brkFVXG zNM#C|sRsvGB{R(;=UOEMFI%GWGyM$xjz232VE6a<1u&ZB5U8L>)jF$Y_+)Kfw`TN>KJ``MZ*X>zOcke%{J zcvv|b2px>@)GUWub9KyF?oxb$CIT3=@kaRK%Vq zZoh1{<2sH)q9gNVU*O1vs8@bX-;$`g69{;SVh(~<#u>GlkKHMd!{#@#aNs3SxoSF9 z58E{%6N#Z`I-humz5sCP1FJfhdRo~y@8+#f&?Rhe%fi$D{Kn^p`wS4Xctg7-!1AT* zeEJt)tcFDpQ2E>sL;&vxvAEe80^a##(3;l_YpW!@x5IS<0=t0CymV-vXBz?!dX_L% z1uU2obd|s;y)Qr)b%QC5+=;vc{fm1XU52|hF=%jg3m)b@QX%M#>yG~ZXAdB3yRg1r z18;ds<7N{J`)4gmKKQIfo%tl4lfhV~&sxaDN$xF7oa8y?+nwA@UZJ_jQuqhWZG0SV z7`5w~w7+tddvOiYS`=4bHejx`nCJPfo2JYyUQSKN(8(D^xXIK z=$rRVJ@u#_YiJv&=a}T`-$;_3<{k`6H-dRIfLYclvT+C8l;=6lEdn;O0cL-Rlm(gM zAkEiQAxfrepcqqud{$4Fc?9PrmR& zo=*@LAR+VWjQXa?nOA=@Ug?|$xe%1399+l{B7^Q*;4z@onqj&!x@uO?;XO1|etudw zs}*QI*%&8Mq6Fg-fIsz15&H+1>5bArrKOSt&I}0Hw*s#HfZmfX=>7Y^R9VFOvGV3k z>SjE6*}O_WYRT;C0v%u`h(~pSfD^1BAR+^-2DE6Cgmg9=Ky5$R5s?Gpxd-5KoVlQD zcJoLY9ev@`k_H+g{g1fi2z6m zV|ze_yHuZCqB1(-;~poQbx!|ZQ>RBoP`cq)qZD?Y_kI$T@e&oXciMPKDF|Xwn_xg* zKiM0qi7927^w5xiUJ0}z!!fOih}_!?ot?MNOfAhE*iIO-SlouAv09 z6k@LLhqlS>vL|}XoU!L|Nq{SQqDS zmmWimlN*4sZrVen^oaJt>X7N_6A}&H3Kc<_=@7jFPq9!+D{BGesx|}$!KupfAT#InhVk@}aAr(3 zBZWNt?c10Bs1E29y)ux0EN?z%hG$Qb1iJ)<GrdnyK2JBdW*$B|FUiN*PO&NDS$VzO^K8wQGTP3w zmGz4Td+T8^Ag2w?OJufk9P$I1ELP3a1TPQc!4(!bXwTOUe!Av{103!}3)|dWZ?I;@ zso#l5v$St7Isg)v!0p`KS+oSr?Yz0@X57+yQc4T?Y`E2@{ z45!hp(}QHkJ#w&`V=mW(1R@YcWRAK$|YY8$JkDG zWKp*TTfIE771U_VN@$E9d3N&%yC;KV3;76?#~PEp z7%NH_nTmB$4i4njH2n&^8r2V zjyRrh{l^y{W@!X5uk63jfO8u&z@NN>cHTj&1G^pUpqW8>$h(k* zU`4#h$^AOz($1F!U}i0v$0*ANaGLM?*xsq!$^QC0bf$|MoZodsjtxS< zjsaU921Cz0h#*+0AlqDD8fXK^J+d;nfrgS!OGxwYnrA;E3&bW&Su>=$*FF(l*)YBV zu^{8s$9xf{Xfx$)YY^AjuBxsGwect@P5FT7Qq>I89t9T!(>$)j)jKcJEguJ^6;i{M z-9ci@cy0-7Jp`=2m800#?gA6!BA5rUg(#P#I0=T>I`jl4f#&ad2zqdnuuC_WQzQglK23;x*?|X!<>ZO{B_qOHV)Ph2ctKA&b;=7=$lL)o3BaHH zvM!2HgCNMO#5uL16EQQ3m6oF3O_2D2q9tk7Bv{(~KdjBl^)?REll?T^{PE za@b6;XkYv6;u0gsjC1nB080S3Fh3F{Q1smoxhHrNY}d*Pel(bxVSTu_c+#3b^W z9=c*dB6}LZc29f*g02c$t`64DoF0SF$O?GlUYdIMIvDMFvwkEDfxu=6U4v8{N7pH! z2Ju9hpb<$bN3a88mV3DkC|c93+OfDp=9d?=!QFwQTSF%8*^utAYDTn4^&3okeF%#? z;><_H0fedP@ZH57rqR(qYJG>APInAu4_x0N`(;VF?4MJ|D)NtJeaD~kt&9HLqH`-O zyeP+k)6m}jWHptu7}V%~7F-Z}1YrbCBkEK^DZ4?L7d^pGjvTJ(ceA580!s0VTK6n1DbDEJ_>M>q=L)0I_KmYzDMzb?hWO`7o1W z*|XAKXbj-dS%KVfXXWPe?DN^&5d^T0@Z>!r573I~kAO)KhmpX)eVbe`jv$A(qJw<{ zAY}-wxt3=ZWFdI%r>j%;c?irO3zmb(A`oDv6IuZ^vO@^G`K4EWg&+#luyC;}DSwQo zpkq5vFW-KiF4d3y6}pxQkRW%APNRN49bD@ya`*#iP9tby(K@;|g2!XptJep;-Nx|* zy@ei*Vwow^Zq&;&*X{H%Rmdkkk$!w!SdsBK|B= zh34Gcyj;8=tqmv4Dq2v2=!bO~+{O*>w`>5eZt%7z%&_J8(nk*Is&B3}KTQtinmBou{fFZ|0U z@S`I2`a}$`_$IN{XsrXg%+m>8e-I(_k^+hcrPHuxJi$gwp8VcGu?!k+Sdq%;U8qkS zhG=h^46_H}^7<#wY*>PlsjuZAwI?Ti1pj{jH<}@3stjIaQ@?e+Lp(8U9~qv$#qScZNMw$X{RY7eOPSXN4)_*9mAQh(;}=$R{X?jR zllTn5jlMu|=#wan$ju+>HwbXPTrPvO6l#y4aDFYC&*;bb)()z%L*0T>F*)|kZ@)Xa zqqGw#?dQPeRkQZ;=bm|pTHjpIei6az4}ndtDdi1$=d+0RrL?nY?NWWgqpBf6k~8WW z^Cdb!e=MM_IOEJQbq=;9XFX{9RQ!;0C%`w$X|)ptGvGif2d;EX09y>UBXm{(Z6<$< z*>KD=K-60V$Oq3kU?TuUmM2l%SCSaKbT8QRWY65Un+oaUXcE`Y*6#gM0Iko-TyT$= zz};&y{1DKgUkad(J@rK?sPq|AQ5~IR){BpWZ#hlQ$PS0@eErmI-2SOse01oDcXvUy zx%7j5AE3of9Xs*L=fUZB>D05VXJ7s*!ry=9QSDWGHYa`{YM*L2t00=Vzby=mN^xRj zlda&TO=U0zWrzWNpfe&0r>+LEnQ6`fivjt9w7LFQ{tgn5lhV<*uJl_{nq!pyN%VBZ z$!(F^cmjZpJFv`rmZ~Pns>~v7Kx-XB78Zx+$EU2*V>em6gsFO*#XX4J4Ft$k&JEtv z;n-?&Z}&-kL&nz_+v&KVsmnS#X~Uav6I0d&HOPV%X$^((=%F&lAv4@4J z+QQrtOHp2lr4SRgdCt*4VNOscuBQFXqjI*c0kYQIo5d$<&2yz7!P(TiOUyrHOoV0$ z4D2i`?*&Pz5TxIHS9SomWh!@>f=Gp)JSdX3NH_y><%T32LvZEc&K!w((EY`O#$!3O z;bnV43+}1Zl@)3*{V8=gHLMFf4Fv2&gPCU~0$$J43aH9&dzvu^0r(hHS=yc$ zzgi@)SoO6Ikd?LWb#J^a9SI^`VDD5Aj6ik$AgMFZxhAWURY}-Lr*lhZV<}$z)0qdZ zhL`%Tch~#IUg{|t48#LRRDyKGsB%%&c>e9bWf8};vQGl6Y46)XpkAwr9Ju)Ar)8_~ z#)66!&*~o4q3J=Q?}WNW;y8<+`b}3^-c+?#ql0YA?bFJ=xW1na5eMolbS3=+`=#_70A1}7o_JK^!iz$+UE)<+o4}?T2<_ zcioRDB+;qOgtUWOFUcOu2+9wi)RZn0OYsff%;me~NM@8Rg$2|Ldh18^X+d+9o!uj@ z4aZnxK;@#JQ6%tYRx+S&{?*%gOFCZv0Yp{grIK0{H>__KK@~VJ=?rh@2;?1`>U2-> z>ehrOzgC8j4xEj5MJt#yCN^6gpN&Cs*Me-L!T`$A5AdK6(7fkwf5}>I3P@u!!W)gh z{2g!sTL8cWnqq0UZiBI`z3B3bul+2WCt*U(^Qs_EC9R!~rq_jFQ2ScUkot#@8*re3(VW%`;_J)Oyg?9ivmRRRMh+tT~_XT z|D7H>b0Y_ZOW@3_GbC1;t*7RRNZvuhB{7fObF^Kz*~+H(=iBjY&zl`W1x#^59p!sq{1srCmN*7TKXL z+e-xS*0NqY&l4q%85~rb_F3V$AbCk1A1LHG_7|S&TVk6FGo*bXAoKN~#X$x#>BN$1 zy6PorT`m`aDo%&@_9I}0RAc22p87|~z|nvs8T8F`c*;&?19&rNRE_ggk*h9LZu<#r zTM7Vc1*IpQC{IHe!a9hIWvQ~V!WU^mOT$k-+T94@$@{>b|2fz>7OfG)nu!Iq{`SYu zefE^R{1_-NKi+J4MkEc)ppER^HYt7_7H6n0>==x}YL&xkPIby#1L}5gOXxz73Mrd?1VuT9R~c z8jR>Q@=RxpXw#0V&2%y&Q ztFAbMep8QcJ)yNrXyg_(n|<^OZh^uQHfZdG(4Ze`?bsojEA#l^9fj^=~0VmA!WKaOC(>bYU6aBy$Kec%d= zB6ERE4ra@g;0OI=sCou#$;AU#{Ajs$BZq9gYlrbu_h~< zwMky?fc`#o!ho#+v)B~M2JU#8OKX_%+5?jAtL_r9jMxeA9JXH0`0scAQyk*c?0V7! z7T%;uFo(1)wzJEwEJI)*5ls68yu=gfHl`xMYT2wt*Rl}$-u;$KP&WiOP-Ptph}BUJ z$~6RnJA)SlXwiZ#1ZpTySV~9AOaNm6W16)EIG)ko%BzB^jCLQ-hLr8MFQ-+NH~vg~ zrMX-)s<6WAAI)}lHhqXsX8*`{1Yx$h=6p*LpFPQvY%N;As96g0fCp_KhZ~d|*k5~x z`Ue~|*g_)}3?ZO}X|Ki7=CY{5OR8|j(sJ0*uLUs`Nh{{KUGTsxwD zPZhbja`#G24#IR$XHXj(PCDBE_lFPv5CL$CYAN8TibFXa-B}`DjHW4c>gjD%V<2sQ z6nv>|WQht2w8d0{hqzFM>!#Ql70~;ie)m(AEC}|0R#!Y;Q5cLjJP>*nJ2 zUhgYg!87QGQziPpA9~;`m+yjH6IGxT2NC+#Y~>Ak!3fZ~tTu3J;kxp(5C^F|>;?fm zJS@CGB0R&!{FSdr>})2&m%l;#biAMa;-{mTJ=N2Iv;m3+(LL)JD5j?OF)O@sTe9YY zAw72oSV^?Hv>W?Ce$?OMY_K@qKG0lY5AuqGaGY~JL)-}{?9`UX4x}+t zj1G5ZDvzlwMlW7&1hfWKZLmF|0LFN1lu`*$C!V}7Q`*9 zp477ce=9z~F^4>)WOW?92$s{|MUizVh~aIo9^>5s>FlNoVg?#?Sr@8fJXlp{K&S0z zIYLeW6|sFCTRxV393gOGNkVX?d*wy1KFZoqmwE4V<%Ju?E2s3`OpsV*fd3Oe2d`6A z8q%JWB(zFH6UV)A{k^Zl* z-w)yPr}cFD=0JD4HQ?I4{ouUW%y2hwD$qsdLPv8xHLI^Vk9y&g12*2jB3t8@jUot- z@Chln`V+`0bF(b1Za=U{*#_R8Ij~!Hh_~j;CXaD_7YKQpi{1MYg5|K65U%^fj3%7p z|NhZk6?3nBEf`{XsebYsJ6+kl*Yh4Y{=NP$Gj8R1+Q<0~gg>MEl=|9Vmxp%LUuH`m zLHFtmn$EK2*{>srlk{$y0AP=?cNE%|x_!?|oDD=`2z}VLBqSoZlv~OE4Yio&UtItO zT>H`aN>}Z}xOC})W4*fgyXqh$!s*nQkKDA_;HL~(l*+MZIE^(CY+b57SX2) z;R2|fURu5tw!cuEX4|nB^AiA~AEbT0^&nUlZE~A=Ix$ZP)R*N04qTcU;^^V2FDLu= zoqqXYh|KWif1pbQco5IWwi;mm1+BmNTO&`)5rW`?YD*A%mmUJ()#z^lW{kZ-!Pw%) z6L<19tqVQiWpwR=CqFA;-3$xQmc-s45M=2S0bKJQo-=ElYChm4XJ(h}oE~N{!mgPQ z9W#9)U9KwV8x|@L2b{bHzB{k}Skc?)rM`h}i8se`WbbPX=Xc~yO~bZJ!={Y3<;A0> zrp2*ri+orZUkCHnKH`9XW3wcgO+3V4jMffm9K*Z>(oLQA=_T!t+wdrj-|E^o#~wbV zcFh{IE?4oN8?){66Iy?;2w$qlA2;R|YM*<^E#!YVs_4h(Mx?~|*T$iCf7G>!jes-Q z;ZfQ+Dy}7_cjCs zB+;OF_GUJQ^|N5kNQjIZHlK`e@6G&|?|!yrB^2A1Q>%hx7iEQQ&IdrI`2yP4;@N4N za&*uj<9ib1u6qZBNJ^lKiZ}sw!kxwwRc5BerFmUax51IR^NO~oKM{uQz`;k#c4w~6 z_2+LF$n*`3{ra)-LETOquR3vMMJ!oh2*l>2m|mKry}*tWxd=vC`^oG)3D%6gs(yd> z2wmz@WTtFTPAtQfqs>6&P5mL~dz?+Pj%ptxOS98uvQN_tqGqrYdJLqZvm$~YFA#B( zjnrJ(S@2bm>W|TNTFb!zjsOJtJtg$pt*ylgU8(xMD>VRQ| z+>JLalcV?>T*&*am&4v(Cv|D8v#1pSzDA!K$8{b5(&1V^$9ZkENwg2nT z+@BeLB$jI_&c_!JId56OC_lE%dCQOT+PL9c8z#Hs2)ZYroa4_lHjx00{HTck{mxH_ z08THXy%;t2{&)K!`*^U~%Af-qQG`H1$HLKGqC~4RT{|`)vL7D{y3GEO;3B;aI~IP8y%Ci zHK&Xcd*VKX1GF!JGB~gEG`I6nV571@1^!$8hjtdmg|a9WqL+J0q`JSmVKqc4=e zN96bV=JT|ahMwoyEAsB5DQ@s0?mSfcS6RpZ4tSeAwY3#k&wTw-3;Y-4L5@n6Z29-& zY=FIevWBI1?H^myS!pa4fF6pK%d7+|2XT~lyjIB@iZ&*51ABcvAVB+szx(h-)*<)j zrlfQ|@}a#c3e<%5~K?E-zT3Kk&MPMck^GT#7Ar=j+^_NQHOkaHOaY4bP; z1-TdFMJUsg;-Vp@)PRkafN9P+XwN6d4tywVIOs!TyP3VA%3S~XFV&~@HF~KJ`dG5G zKP^R{HRZZb{OrCQV!iI)h4G{}Hy7{qSqdz0!1z z!p26>E5TU=<8xFKfLd8jKbYL;>W-j>?K;3yMs$EpP#3E}C(@X^jFocmu$5tO;MjON zcmQaD9+(Q4XssPYAUMiW7tl46sJ~t-#hN?XyGZ4b4{z^Vq>@Efds-C?#Opv`?zi8J z|Cq%pAM`UCAK7A+51auhi~V4^PAq`#HUSl`N)8R>uP#M)O868xOtutV3=K%ecohR-%e>&`3{VR7%dNl$AC|sgc zE`j%SWd)?u5<4@^>{98|YNNp!n*&9sG*FwDKvy1cNzk0w{sP&%PUQ%lB5#>p3w8pc z>6d#>XB8pHYoI@M2EDsy-w^e`j)p>?Tj|L|CO3!j!b7GY0c^ejLl+BFhey6ON}TWDqj=j_a1G)oM)VJTm~LX2OZ*JidNJ36aPwZn_U z@*Pr4RjKz#v(3l3ho3Q3K2Z8WzCxXEv6y#Ph+)mQ#a!h0Tcqn&h<*4OIOy(gV07Ec zZz~hPkrm4NAkr_Vx-PSA7aXVh0R^jLU98%w_Gf;L!291m|0!>TR6A|CMDu1Y}>_(y|!gf@KTZH>Jdh>p#m=73udTFbF1)?1bP~PMWc#f znD>7nVv2@R>&+tS^ru0$EuIXNe01VPti$!L1iEfN1_-}W7ViQ4|W=@VpU|85xd|=nweTY`%-bb!| z0#q&k8by43zwvN}16zOt*0vn{We$9lV~|-f;lE4qwVQ0y$eL;1I-YGh^vfKUl9G~J z`7#G4%BRMsM&%DJ^mn>V8NBjQtt~9Ue2KP9Mf&d&Eyl6}%S{%3{dwOSs^r$@XPRk{ zN~s~4yuu^Kj%A*C<=1|vshI$^Z347f1-4KFrp&oB6EYnv_n@K!F`!LjX<)(y2=S7Z z5~c)+Zb@+I4DH6v|J@%Ws7i6!VN)XTJ}RM~1T=!PB7)OiFS0=c)Odi`%5AfkUwM3- z<_FOBn5#xMzt>?R=jrbtX)c-;NI!A>nJ+JEpQ?w&_2lQdU4BY^J3 zBUj~StciB%wFI{F{$t)}c|tSuzQNt5KtMqy@4kP1JzU~02*Q)PA{nwB1p*sYi9&98 z?c3li{`L;JdhqHKtET9yh2=G~_ z(Z&bb+4+%;_B~^au5SKO4D|>P^El@laMeT*5cv!Xy>nMts7z%o6|xn4^XaelM~$&X z0X)4!hBxV-sD&28?DDJM&yX#`M>*Fq1L8OWpssM&Lf$NtJ%3~`P zstz(7K?DevfGxytzU@)8YcH(StM`?#>^e)6!T-MpKlQzf2w9_RZb{&R-~ROdpM}vu z>)70(uLffEBxY&go!cay8NhKMeLT=uWz3{PSNzAfJ{QD`MoIc=V(X<=YN7V;D(aS4 zr-HYBt!_l3iDmB3{sQ9U4p^C_?KU8YQ_Hi@^nlmfDT1if^JnM5o9e)ZLC&Ck08^V_ zd%JJimp?2AHaTw9W*p*HPOf#|LR?;We5V^RK^Fp5e7yMC{jJa+Gj95z5C1>1anlFR zfRx7myT3sfPIjeZp+-~pyNBuEPR)T$y!RORfBxbgaKINty(vxwV~nKvN-o(T0pV941g`{zayxwrwJiUQFKK_1UV#oy+l+1d4shAymkjzB~8>NpYt zH(9yqHlP`t*1gdT?vSq(E;&8E!aw62{FTCVbE=Gp;;;Kkq2t-U;}bl)|EqW1j%t~w z{#8TFp5ZN6GvBIF6RQ?{ zmmy#IpF02V-DJfa*FXnyL`5qS`d-e4Q~E#Ot4#Wx8B=1f9_Lh4923U^FTLUBL3|Up-1A7Vv5lp>$$&B0#}Y-((rqN^CVMZFMg>;e}6i?^&x|o!=K8&MM%gU->bZJq3)lR@3|8 zJbdn0#L0j&^bSC|1mOLk96biX57b>82R@^GFN+U&>Jwlos=%UDv9ml_PF>9V7=6*; zY|W*tlFRpWP=$bt^RIq!zOq57?&UA0KJzoAc1EbJR5s-yS0S#f#DF)P2TP}-3aG6W zfndy0QZ4-vFbb-sst8yO%kl1A2v&2Moy^T<*&=++#&*aV#Zy#G|88}I`lc(l>mqAk zP&?t$M#D=pP|sGjzy>N}i)cPN3YDRj%=6}>Q)NR@H5HL%qhstG#CN``#~UG?;2y@_ z-+T!{Y7bMixpH;0|NiS=AO(=`8brx=4IF=7JU(x=&J0f-{P&6miy6nte>*$7aeRnu z-S?3q*w&7`0y}Doit#hXN=>Bz>v5u0-aum(}4<1<9WbmiGM`_`| zE}_>}P@+$#{e|AW=+XXqKXiOHg`-}l<&IsT)1%t^w}S!fxCsWfvS^_jq3_?8x|Fe4 zT626fUAAm+EU_I87AFbU9((a`#%SwdHu}>|No@|AOQ>_cx1c1FVB`r%BhM?cJ zzR989nX@~d(MOe~vTe8sDo*icaQTt9zmGt`J|WNxV)Nth(tpqw59CzaEfNZ!7&#_F zbI1?`J7}nfZ5lJxQPAg&fM$3a1SE{qBqNBVcL3;CB0&vD-~ToO-t+X(Tpt2~%Dv5{ zfsP`8-ceaHB%|yDu1XTpU~-yjK-o@)9RWKD0+eIQ374qOwTVF%DQotUo(y3{A~IjH zXAD>H2X!A07|C&(e%7h;_~DG?)B$Nq>KMfR z>2rkAzP0XTsI3ymY_9V_P&}xlm+G-f>pI1{-)QXM=8Ziq7IjpRdC^K;qhU~81iq@j zz~+ig+N>m(xNBCWbo1GVk(wu4iu!2iz{?LL(*^+T{})6Q?w*Tqb*R5GsLmQ+2H98A z`{N{Z=IfDfJ%l(LbsG4lIw!>Ng19OKsvpvon2|+e(!t(_mU)v0~WBT z(I@{30e61sYhb_(XtG4)-GV^8o~5UzmgvYvWuN042=fXh0`A`lHpF6NuSF1nz}Tio z&q4|}Z|m{d?PV0jDS8;`v3rDlmIv!HZrLSjRpBjI#b z?%Zf5YbMQ2WhG9wKL5*|cRs7C3@Oue$NHor9H~aFnI~y-|?LjJCi#88%qYfm!_~>3Qo~XTUiVk5^*QC|d zV8>zwT+q}oZ(o{KOBF2U9QGOgj2ZgoTlnHNzI)Anoa2kvTJ%qo36#VweC+zYZ)1Pp zToi5Wftd)Ip-rErI-{U}!nGw}&@)AIMs)y#~W<3=J)USA*t9j*K8kun)%6 zAarY2mrRbji0G;TteF=Q^dewG07TQ)bPOy6Kvu;DN%fx~c};+Y2VA?CcU!yRTQQPB z3##_&WJ1VxF>|70N|%^Sqq*s~te^bZt6#x>O(Co~x|VVfaP2|f0YF0n=%Ah7_K{S& zw40uRw_yE~C^#;3YoDvmRb2o&P$2Z_@2WBDlRpVQ zi9q0c^-da4z)QDFJeRrSC0H=b97|JhtoIy*q9Cxiop+e1wFrA({LZ_@&r@%E(o0n^ z4}w#3MKr(`fKkrJ z`i4=rw=i0H?s4qTp3`bVOuYR_kuoYITmprf*$XRd0DJi>?B_&Yxu5zTQAOKTn!ijl z3h~?mKW+nKtXje>1jmNYgHNQQztkyxTG zf18yHD8jI+Hw=w~j0=Oxdgp3!}rg{y*gh{H?L`d!BH5 zhyPExdd11G?-eKY{M}lkGKfjwtegK``A2zeDbxMU+o3b6IEWSIMk~xeTgE1nR{uWL zmAWHXsO}ijBavyVkS{+1mIlg|4S5K(1-b~=dzCv?y0~zJ!f$>JHvPg6!GTN(z(+-D za0?Qly)?9puC154N}mTj^<}X6y5}CGPX&0jN)Z`LjID^T7_!knB~DZ@W}0v1C0F!nsS6(|aGN$<{;nztKYvdL2L;-@39Y1cTbgVy)UAKG8`9gf%K- zO%J1G3bK@)U1m{N2khoB+J)sp$03+Q;N%h|@#XKcC#QDO{t?y6NNtvi08#m1OP~dnAjzx?!Mk?`(-{a(@Tx=6^cBEaHS{borz5rvV#a{<9p$Jb G`u_tKXA=ql literal 0 HcmV?d00001