99. EPMO Open Source Coordination Office Redaction File Detail Report

Produced by Araxis Merge on 6/18/2018 3:37:03 PM Eastern Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.

99.1 Files compared

#	Location	File	Last Modified
1	CTT_DM2_v7.zip\CTT_ntrt-jira-ssoi-authenticator\authenticator\src\test\docker\jira\conf	server.xml	Tue Jun 12 16:41:47 2018 UTC
2	CTT_DM2_v7.zip\CTT_ntrt-jira-ssoi-authenticator\authenticator\src\test\docker\jira\conf	server.xml	Fri Jun 15 21:11:21 2018 UTC

99.2 Comparison summary

Description	Between Files 1 and 2
Description	Text Blocks	Lines
Unchanged	14	598
Changed	13	26
Inserted	0	0
Removed	0	0

99.3 Comparison options

Whitespace
Character case	Differences in character case are significant
Line endings	Differences in line endings (`CR` and `LF` characters) are ignored
CR/LF characters	Not shown in the comparison detail

99.4 Active regular expressions

No regular expressions were active.

99.5 Comparison detail

	1	<?xml
	2	version="1 .0"
	3	encoding=" utf-8"
	4	?>
	5	<!--
	6	======= ========== ========== ========== ========== ========== ========== ========== =======
	7
	8	Atlassi an JIRA St andalone E dition Tom cat Config uration.
	9
	10
	11	See the following for more informatio n
	12
	13	http:// confluence .atlassian .com/displ ay/JIRA/Co nfiguring+ JIRA+Stand alone
	14
	15	======= ========== ========== ========== ========== ========== ========== ========== =======
	16	-->
	17	<!--
	18	Licensed to the Ap ache Softw are Founda tion (ASF) under one or more
	19	contribu tor licens e agreemen ts. See t he NOTICE file distr ibuted wit h
	20	this wor k for addi tional inf ormation r egarding c opyright o wnership.
	21	The ASF licenses t his file t o You unde r the Apac he License , Version 2.0
	22	(the "Li cense"); y ou may not use this file excep t in compl iance with
	23	the Lice nse. You may obtain a copy of the Licen se at
	24
	25	http ://www.apa che.org/li censes/LIC ENSE-2.0
	26
	27	Unless r equired by applicabl e law or a greed to i n writing, software
	28	distribu ted under the Licens e is distr ibuted on an "AS IS" BASIS,
	29	WITHOUT WARRANTIES OR CONDIT IONS OF AN Y KIND, ei ther expre ss or impl ied.
	30	See the License fo r the spec ific langu age govern ing permis sions and
	31	limitati ons under the Licens e.
	32	-->
	33	<Server
	34	port=" PORT "
	35	shutdown=" SHUTDOWN"
	36	>
	37
	38	<Listener
	39	className= "org.apach e.catalina .startup.V ersionLogg erListener "
	40	/>
	41
	42	<!-- Secur ity listen er. Docume ntation at /docs/con fig/listen ers.html
	43	<Liste ner classN ame="org.a pache.cata lina.secur ity.Securi tyListener " />
	44	-->
	45
	46	<!--APR li brary load er. Docume ntation at /docs/apr .html -->
	47
	48	<Listener
	49	className= "org.apach e.catalina .core.AprL ifecycleLi stener"
	50	SSLEngine= "on"
	51	/>
	52
	53	<!-- Preve nt memory leaks due to use of particular java/java x APIs-->
	54
	55	<Listener
	56	className= "org.apach e.catalina .core.JreM emoryLeakP reventionL istener"
	57	/>
	58
	59	<Listener
	60	className= "org.apach e.catalina .mbeans.Gl obalResour cesLifecyc leListener "
	61	/>
	62
	63	<Listener
	64	className= "org.apach e.catalina .core.Thre adLocalLea kPreventio nListener"
	65	/>
	66
	67
	68	<!-- Globa l JNDI res ources
	69	D ocumentati on at /doc s/jndi-res ources-how to.html
	70	-->
	71
	72
	73	<!-- A "Se rvice" is a collecti on of one or more "C onnectors" that shar e
	74	a single "Co ntainer" N ote: A "S ervice" is not itsel f a "Conta iner",
	75	so you may n ot define subcompone nts such a s "Valves" at this l evel.
	76	Do cumentatio n at /docs /config/se rvice.html
	77	-->
	78
	79	<Service
	80	name="Cata lina"
	81	>
	82
	83
	84	<!--defaul t-->
	85
	86	<Connector
	87	port=" PORT "
	88	protocol=" org.apache .coyote.ht tp11.Http1 1NioProtoc ol"
	89
	90	maxThreads ="150"
	91	SSLEnabled ="true"
	92	scheme="ht tps"
	93	secure="tr ue"
	94
	95	clientAuth ="false"
	96	sslProtoco l="TLS"
	97	keystoreFi le="/app/c erts/cert0 602017/ser ver.keysto re"
	98	keystorePa ss="tomcat "
	99
	100	minSpareTh reads="25"
	101
	102	connection Timeout="2 0000"
	103
	104	enableLook ups="false "
	105
	106	maxHttpHea derSize="8 192"
	107
	108	useBodyEnc odingForUR I="true"
	109
	110	redirectPo rt=" PORT "
	111
	112	acceptCoun t="100"
	113
	114	disableUpl oadTimeout ="true"
	115
	116	bindOnInit ="false"
	117
	118	proxyName= " DNS "
	119
	120	proxyPort= "443"
	121	/ >
	122
	123
	124	<!-- added truststor e to defau lt -->
	125	<!--
	126	<Connector port=" PORT " protocol ="org.apac he.coyote. http11.Htt p11NioProt ocol"
	127	m axThreads= "150" SSLE nabled="tr ue" scheme ="https" s ecure="tru e"
	128	c lientAuth= "false" ss lProtocol= "TLS"
	129	k eystoreFil e="/app/ce rts/cert06 02017/serv er.keystor e"
	130	k eystorePas s="tomcat"
	131	t ruststoreF ile="/app/ certs/cert 0602017/se rver.keyst ore"
	132	t ruststoreP ass="tomca t"
	133	m inSpareThr eads="25"
	134	c onnectionT imeout="20 000"
	135	e nableLooku ps="false"
	136	m axHttpHead erSize="81 92"
	137	u seBodyEnco dingForURI ="true"
	138	redirectPo rt=" PORT "
	139	a cceptCount ="100"
	140	d isableUplo adTimeout= "true"
	141	b indOnInit= "false"
	142	p roxyName=" DNS "
	143	p roxyPort=" 443"
	144	/>
	145	-->
	146
	147
	148	<!-- remov ed keystor e from def ault, addi ng certs t o JIRA's k eystore -- >
	149	<!--
	150	<Connector port=" PORT " protocol ="org.apac he.coyote. http11.Htt p11NioProt ocol"
	151	m axThreads= "150" SSLE nabled="tr ue" scheme ="https" s ecure="tru e"
	152	c lientAuth= "false" ss lProtocol= "TLS"
	153	m inSpareThr eads="25"
	154	c onnectionT imeout="20 000"
	155	e nableLooku ps="false"
	156	m axHttpHead erSize="81 92"
	157	u seBodyEnco dingForURI ="true"
	158	redirectPo rt=" PORT "
	159	a cceptCount ="100"
	160	d isableUplo adTimeout= "true"
	161	b indOnInit= "false"
	162	p roxyName=" DNS "
	163	p roxyPort=" 443"
	164	/>
	165	-->
	166
	167
	168	<!--
	169	== ========== ========== ========== ========== ========== ========== ========== ========== ==
	170
	171	Fo r full ste ps on runn ing JIRA o ver SSL or HTTPS for productio n and test ing, see:
	172	http://c onfluence. atlassian. com/displa y/JIRA/Run ning+JIRA+ over+SSL+o r+HTTPS
	173	an d
	174	http://t omcat.apac he.org/tom cat-8.5-do c/ssl-howt o.html
	175
	176	A quicker me thod can b e found be low, which we recomm end only f or evaluat ion and de monstratio n:
	177
	178	* Uncomm ent the Co nnector be low
	179	* Execut e:
	180	%JAV A_HOME%\bi n\keytool -genkey -a lias tomca t -keyalg RSA (Windo ws)�
	181	$JAV A_HOME/bin /keytool - genkey -al ias tomcat -keyalg R SA (Unix)�
	182	with a passwor d value of "changeit " for both the certi ficate and the keyst ore itself .
	183	* If you are on JD K1.3 or ea rlier, dow nload and install JS SE 1.0.2 o r later, a nd put the JAR files into "$JA VA_HOME/jr e/lib/ext"
	184	* Restart and visit https://lo calhost: PORT /
	185
	186	== ========== ========== ========== ========== ========== ========== ========== ========== ==
	187	-- >
	188
	189	<!--
	190	<Connector port=" PORT " protocol ="org.apac he.coyote. http11.Htt p11NioProt ocol"
	191	maxHtt pHeaderSiz e="8192" S SLEnabled= "true"
	192	maxThr eads="150" minSpareT hreads="25 "
	193	enable Lookups="f alse" disa bleUploadT imeout="tr ue"
	194	accept Count="100 " scheme=" https" sec ure="true"
	195	client Auth="fals e" sslProt ocol="TLS" useBodyEn codingForU RI="true"
	196	keysto reFile="/o pt/bamboo- agent/.key store"/>
	197	-- >
	198
	199
	200
	201	<!--
	202	= ========== ========== ========== ========== ========== ========== ========== ========== ===
	203
	204	I f you have Apache AJ P Connecto r (mod_ajp ) as a pro xy in fron t of JIRA you should uncomment the follo wing conne ctor confi guration l ine
	205
	206	S ee the fol lowing for more info rmation :
	207
	208	http://c onfluence. atlassian. com/displa y/JIRA/Con figuring+A pache+Reve rse+Proxy+ Using+the+ AJP+Protoc ol
	209
	210	= ========== ========== ========== ========== ========== ========== ========== ========== ===
	211	-- >
	212
	213
	214	<!--
	215	<Connector port=" PORT " redirect Port=" PORT " enableLo okups="fal se" protoc ol="AJP/1. 3" URIEnco ding="UTF- 8"/>
	216	-- >
	217
	218
	219	<Engine
	220	name="Cata lina"
	221	defaultHos t="localho st"
	222	>
	223
	224	<Host
	225	name="loca lhost"
	226	appBase="w ebapps"
	227	unpackWARs ="true"
	228	autoDeploy ="true"
	229	>
	230
	231
	232	<Context
	233	path="/ntr t"
	234	docBase="$ {catalina. home}/atla ssian-jira "
	235	reloadable ="false"
	236	useHttpOnl y="true"
	237	>
	238
	239
	240
	241	<!--
	242	========= ========== ========== ========== ========== ========== ========== ========== =====
	243
	244	Note, you no longer configure your data base drive r or conne ction para meters her e.
	245	These are configure d through the UI dur ing applic ation setu p.
	246
	247	========= ========== ========== ========== ========== ========== ========== ========== =====
	248	-->
	249
	250
	251	<Resource
	252	name="User Transactio n"
	253	auth="Cont ainer"
	254	type="java x.transact ion.UserTr ansaction"
	255
	256	factory="o rg.objectw eb.jotm.Us erTransact ionFactory "
	257	jotm.timeo ut="60"
	258	/>
	259
	260	<Manager
	261	pathname=" "
	262	/>
	263
	264	<JarScanne r
	265	scanManife st="false"
	266	/>
	267
	268	</Context>
	269
	270
	271	</Host>
	272
	273
	274	<!--
	275	==== ========== ========== ========== ========== ========== ========== ========== ==========
	276
	277	Acc ess Loggin g.
	278
	279	Thi s should p roduce acc ess_log.<d ate> files in the 'l ogs' direc tory.
	280
	281	The output ac cess log l ies has th e followin g fields :
	282
	283	IP Request_Id User Time stamp "HT TP_Method URL Protoc ol_Version " HTTP_Sta tus_Code R esponseSiz e_in_Bytes RequestTi me_In_Mill is Referer User_Agen t ASESSION ID
	284
	285	eg :
	286
	287	192 .168.3.238 124346653 6012x12x1 admin [28/ May/2009:0 9:22:17 +1 000] "GET /jira/secu re/admin/j ira/IndexP rogress.js pa?taskId= 1 HTTP/1.1 " 200 2426 7 1070 "ht tp://carlt ondraught. sydney.atl assian.com :8090/jira /secure/ad min/jira/I ndexAdmin. jspa" "Moz illa/5.0 ( X11; U; Li nux x86_64 ; en-US; r v:1.9.0.10 ) Gecko/20 09042523 U buntu/9.04 (jaunty) Firefox/3. 0.10" "C2C 99B632EE0F 41E90F8EF7 A201F6A78"
	288
	289	NOT ES:
	290
	291	The RequestId is a mill is_since_e poch plus request nu mber plus number of concurrent users
	292
	293	The Request t ime is in millisecon ds
	294
	295	The ASESSIONI D is an ha sh of the JSESSIONID and hence is safe t o publish within log s. A sess ion cannot be recons tructed fr om it.
	296
	297	See http://to mcat.apach e.org/tomc at-6.0-doc /config/va lve.html f or more in formation on Tomcat Access Log Valves
	298
	299	==== ========== ========== ========== ========== ========== ========== ========== ==========
	300
	301	-->
	302
	303	<Valve
	304	className= "org.apach e.catalina .valves.Ac cessLogVal ve"
	305
	306	pattern="% a %{jira.r equest.id} r %{jira.r equest.use rname}r %t "%m %U%q %H&qu ot; %s %b %D "% {Referer}i " &qu ot;%{User- Agent}i&qu ot; " %{jira.req uest.asses sion.id}r& quot; %{ad samaccount name}i %{a demail}i % {prisme-ro les}i"
	307	/>
	308
	309	</Engine>
	310
	311	</Service>
	312	</Server>