Merge pull request #4048 from zowe/users/zlatnikp/F144933AuthZssBypass

Users/zlatnikp/f144933 auth zss bypass
zowe · Oct 11, 2024 · 5b8c4de · 5b8c4de
2 parents ee5ea77 + deacddd
commit 5b8c4de
Showing 1 changed file with 19 additions and 1 deletion.
diff --git a/workflows/files/ZWECONF.xml b/workflows/files/ZWECONF.xml
@@ -317,7 +317,7 @@ some use cases, like containerization, this port could be different.</descriptio
     </variable>
     <variable name="zowe_certificate_truststore_file" scope="instance" visibility="public">
         <label>Zowe certificate truststore file</label>
-        <abstract>File location for cert truststore. For keyring, the format is "safkeyring://OWNER/KEYRING"</abstract>
+        <abstract>File location for certificate truststore. For keyring, the format is "safkeyring://OWNER/KEYRING"</abstract>
         <description>File location for the certificate truststore</description>
         <category>certificates</category>
         <string valueMustBeChoice="false" multiLine="false">
@@ -469,6 +469,17 @@ How we want to verify SSL certificates of services. Valid values are:
             <default>7554</default>
         </integer>
     </variable>
+    <variable name="components_gateway_internalMapper" scope="instance" visibility="public">
+      <label>Enable Gateway internal mapper</label>
+      <abstract>Check this option to enable the Gateway internal ESM identity mapper</abstract>
+      <description>Check this option to enable Gateway internal ESM identity mapper</description>
+      <category>components</category>
+      <boolean>
+          <!-- Put validation here -->
+          <!-- Specify choices here -->
+          <default>false</default>
+      </boolean>
+  </variable>
     <variable name="components_gateway_debug" scope="instance" visibility="public">
         <label>Gateway debug</label>
         <abstract>Switch on the debug mode for the gateway</abstract>
@@ -1256,6 +1267,7 @@ How we want to verify SSL certificates of services. Valid values are:
                 </targetStateSet>
             </condition>
             <variableValue name="components_gateway_port" scope="instance" noPromptIfSet="false" required="true"/>
+            <variableValue name="components_gateway_internalMapper" scope="instance" noPromptIfSet="false" required="true"/>
             <variableValue name="components_gateway_debug" scope="instance" noPromptIfSet="false" required="true"/>
             <variableValue name="components_gateway_apiml_security_auth_provider" scope="instance" noPromptIfSet="false" required="true"/>
             <variableValue name="components_gateway_apiml_security_auth_zosmf_jwtAutoconfiguration" scope="instance" noPromptIfSet="false" required="true"/>
@@ -2096,6 +2108,7 @@ echo '    debug: ${instance-components_gateway_debug}' >> "${instance-zowe_runti
 echo '' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"
 echo '    apiml:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"
 echo '      security:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"
+echo '        useInternalMapper: ${instance-components_gateway_internalMapper}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"
 echo '        auth:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"
 echo '          provider: "$!{instance-components_gateway_apiml_security_auth_provider}"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"
 echo '          zosmf:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"
@@ -2127,6 +2140,7 @@ echo '    debug: false' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"
 echo '' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"
 echo '    apiml:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"
 echo '      security:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"
+echo '        useInternalMapper: false' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"
 echo '        auth:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"
 echo '          provider: "zosmf"' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"
 echo '          zosmf:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"
@@ -2234,7 +2248,11 @@ echo '        name: "$!{instance-components_caching_service_storage_vsam_name}"'
 echo '      infinispan:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"
 echo '        # this is required if storage mode is infinispan' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"
 echo '        jgroups:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"
+#if (${instance-components_caching_service_storage_mode} == "infinispan" )
 echo '          port: ${instance-components_caching_service_storage_infinispan_jgroups_port}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"
+#else
+echo '          port: 7600' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"
+#end
 #end
 #if (${instance-components_caching_service_enabled} == "false" )
 echo '  caching-service:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml"